UK targets ‘bulletproof’ companies that hosted ransomware gangs
The UK’s Nationwide Crime Company and companions from the Anglophone 5 Eyes intelligence alliance have fired a number of pictures throughout the bows of so-called ‘bulletproof’ internet hosting companies Media Land and ML Cloud that shielded their clients, together with ransomware gangs akin to Black Basta, Evil Corp and LockBit, from detection.
The 2 organisations are alleged to be a part of a Russia-based operation run by a person named as Alexander Volosovik (aka Yalishanda), who’s described as a “vital enabler” of world cyber crime.
They’re accused of supporting large-scale ransomware campaigns and different malware operations, resulting in monetary losses, operational disruption and reputational harm for unusual companies all around the world.
The NCA stated the actions complemented its technique of concentrating on the ransomware ecosystem’s key enablers who facilitate legal exercise and decrease the barrier to entry for cyber criminals.
“Bulletproof internet hosting is a key element of the cyber crime ecosystem, offering a digital protected haven for cyber criminals that may seem proof against regulation enforcement takedown exercise,” stated NCA deputy director Paul Foster, head of the Nationwide Cyber Crime Unit.
“Providers like Media Land … are vital enablers for cyber criminals so sanctions like immediately’s in opposition to Media Land will inhibit their capability to plan, launch and monetise legal schemes.
“This motion will help in regulation enforcement’s pursuit of nullifying the ‘bulletproof’ protect offered by illicit internet hosting companies, serving to to degrade the cybercrime ecosystem that nefarious actors rely upon.”
Volosovik and two associates have been sanctioned by the Overseas, Commonwealth and Improvement Workplace (FCDO) within the UK, the US Division of the Treasury’s Workplace of Overseas Belongings Management (OFAC), and Australia’s Division for Overseas Affairs and Commerce (DFAT).
The opposite two people have been named by the US as Kirill Zatolokin, who was allegedly answerable for accumulating funds and liaising with different cyber criminals, and Yulia Pankova, who allegedly offered authorized and monetary assist to the operation.
“These so-called bulletproof internet hosting service suppliers like Media Land present cybercriminals important companies to assist them in attacking companies in the USA and in allied nations,” stated John Hurley, beneath secretary of the Treasury for Terrorism and Monetary Intelligence.
“As we speak’s trilateral motion with Australia and the UK, in coordination with regulation enforcement companions, demonstrates our collective dedication to combatting cyber crime and defending our residents.”
Sustaining stress
On the identical time, the US authorities are persevering with their pursuit of one other bulletproof service Aeza, which was sanctioned initially of July.
Since then, stated OFAC, the service’s management has launched into a significant rebrand centered on eradicating connections between Aeza and its technical infrastructure. Nonetheless, with watchful eyes on them, this seems to have been in useless.
The US has now imposed sanctions on two people, Maksim Vladimirovich Makarov, the newly-designated director of Aeza, and Ilya Vladislavovich Zakirov, who’s accused of serving to arrange new entrance firms and fee strategies to obfuscate Aeza’s work.
It has additionally designated three firms over hyperlinks to Aeza. Two of them, Sensible Digital Concepts DOO and Datavice MCHJ are based mostly in Serbia and Uzbekistan and have allegedly been used to evade sanctions on Russia and run technical infrastructure that isn’t linked to the Aeza identify.
The third, nonetheless, is a UK-based firm named by as Hypercore Ltd, which the US stated was fashioned earlier in 2025 with the intent of getting used to maneuver Aeza’s IP infrastructure and evade sanctions.
