U.S. Treasury Sanctions Bulletproof Hosting Firm Fueling Ransomware Campaigns

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sweeping sanctions on Aeza Group, a Russia-based bulletproof hosting (BPH) provider, for its pivotal role in enabling global cybercrime, including ransomware attacks, data theft, and illicit drug trafficking.

The action, announced Tuesday, targets Aeza Group’s international network, including affiliated companies in Russia and the United Kingdom, as well as four key leaders of the organization.

Aeza Group: The Backbone of Cybercrime Operations

Headquartered in St. Petersburg, Aeza Group has been identified as a critical infrastructure provider for some of the world’s most notorious cybercriminals.

The company’s servers and specialized infrastructure have supported ransomware groups such as BianLian, and infostealer operators including Meduza, RedLine, and Lumma.

These groups have targeted U.S. defense contractors, technology firms, and numerous victims worldwide, harvesting sensitive data and credentials that are later sold on darknet markets.

Aeza Group’s services extended beyond cyberattacks. The company also hosted BlackSprut, a Russian darknet marketplace for illicit drugs, facilitating the anonymous sale and shipment of narcotics, including fentanyl precursors, into the United States.

According to U.S. officials, such platforms are an increasing contributor to the global drug trafficking crisis.

The sanctions encompass Aeza Group’s UK-based front company, Aeza International Ltd., which was used to lease IP addresses to cybercriminals, and two Russia-based subsidiaries, Aeza Logistic LLC and Cloud Solutions LLC.

All three entities are now subject to asset freezes and transaction bans under U.S. jurisdiction.

OFAC also designated four key Aeza Group leaders:

• Arsenii Aleksandrovich Penzev (CEO and 33% owner)
• Yurii Meruzhanovich Bozoyan (General Director and 33% owner)
• Vladimir Vyacheslavovich Gast (Technical Director)
• Igor Anatolyevich Knyazev (33% owner and acting manager)

Penzev and Bozoyan were previously arrested by Russian authorities for their involvement in the BlackSprut drug marketplace.

The sanctions also freeze a cryptocurrency wallet linked to Aeza Group’s payment infrastructure, which reportedly handled over $350,000 in transactions related to illicit hosting services.

The wallet was used for cash-outs to global exchanges and payment processors, further obscuring the flow of criminal proceeds.

This latest action follows OFAC’s February sanctions against another Russian BPH provider, ZServers, and underscores the Treasury’s commitment to dismantling the infrastructure that underpins global cybercrime.

“Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology, and sell black-market drugs,” said Bradley T. Smith, Acting Under Secretary for Terrorism and Financial Intelligence.

All property and interests in property of the designated entities and individuals within U.S. jurisdiction are now blocked, and U.S. persons are generally prohibited from engaging in transactions with them. Violations may result in significant civil or criminal penalties.

The Treasury’s move, coordinated with the UK’s National Crime Agency, highlights the growing international resolve to expose and disrupt the networks enabling cybercrime and digital threats worldwide.

Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates