The United States, Australia, and the United Kingdom have announced coordinated sanctions against Media Land, a Russia-based bulletproof hosting provider, and related entities for supporting ransomware operations and other cybercrimes.
The Department of the Treasury’s Office of Foreign Assets Control (OFAC), working with international partners and the FBI, has designated the company’s leadership team and sister organizations.
Bulletproof hosting services provide specialized infrastructure designed to evade law enforcement detection.
These providers offer servers and technical support specifically engineered to circumvent security measures, making them critical enablers of ransomware attacks and other malicious activities.
Media Land LLC, headquartered in St. Petersburg, Russia, has provided hosting services to major ransomware operators, including LockBit, BlackSuit, and Play.
The company’s infrastructure supported numerous distributed denial-of-service attacks against U.S. businesses and critical infrastructure.
Media Land’s sister company, ML Cloud, frequently operates in conjunction with Media Land to facilitate ransomware and DDoS attacks.
OFAC designated Aleksandr Volosovik as Media Land’s general director, noting he advertised services under the alias “Yalishanda” on cybercriminal forums.
Volosovik provided servers and technical support to ransomware actors. Kirill Zatolokin, a Media Land employee, handled customer payments and coordinated with other cyber actors.
Yulia Pankova, aware of Volosovik’s activities, provided legal assistance and financial support. All three individuals face OFAC designations.
Additionally, Media Land Technology and Data Center Kirishi, both wholly owned subsidiaries, have been sanctioned. These entities operated as extensions of Media Land’s criminal infrastructure.
After OFAC designated Aeza Group in July 2025, the organization attempted to rebrand and distance itself from its infrastructure to evade sanctions.
Today’s action demonstrates the authorities’ commitment to countering such evasion tactics.
OFAC designated Hypercore Ltd., a UK-registered company, Aeza used to relocate its IP infrastructure and avoid sanctions consequences.
Maksim Vladimirovich Makarov, Aeza’s new director, directed the company’s sanctions-evasion strategy and faces designation.
Ilya Vladislavovich Zakirov helped establish new companies and payment methods to obscure Aeza’s activities.
Smart Digital Ideas DOO, a Serbian company, and Datavice MCHJ, an Uzbek entity, were both utilized by Aeza for sanctions evasion and technical infrastructure unconnected to the Aeza brand.
All property and assets belonging to the designated individuals and entities within the United States are now blocked.
U.S. persons and financial institutions are prohibited from conducting transactions with these sanctioned entities. Violations carry significant civil and criminal penalties.
This trilateral action underscores the collective commitment of Western nations to disrupting cybercrime infrastructure and protecting citizens from ransomware threats.
The sanctions target not only the hosting providers but also the networks enabling their operations, representing a comprehensive approach to tackling transnational cybercrime.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and set GBH as a Preferred Source in Google.