Article Details
Scrape Timestamp (UTC): 2025-07-01 17:09:16.199
Original Article Text
Click to Toggle View
Aeza Group sanctioned for hosting ransomware, infostealer servers. The U.S. Department of the Treasury has sanctioned Russian hosting company Aeza Group and four operators for allegedly acting as a bulletproof hosting company for ransomware gangs, infostealer operations, darknet drug markets, and Russian disinformation campaigns. The Treasury's Office of Foreign Assets Control (OFAC) claims that Aeza's services were utilized by the BianLian ransomware gang, for RedLine infostealer panels, and by BlackSprut, a Russian darknet marketplace that sold drugs to individuals in the United States and worldwide. A bulletproof hosting service (BPH) is a company that deliberately ignores abuse complaints and law enforcement takedown requests, providing a safe environment for cybercriminals to host malware and conduct attacks. Aeza was previously linked to a Russian disinformation campaign known as "Doppelgänger," which cloned legitimate European and U.S. media sites to distribute propaganda targeting Western audiences. OFAC has now sanctioned four individuals who the U.S. says are the primary operators of the Aeza Group: All four individuals and related companies, Aeza International Ltd., Aeza Logistic LLC, and Cloud Solutions LLC, will now have their assets frozen in the U.S., and U.S. companies are prohibited from doing business with them or the Aeza Group. Russian media previously reported that Bozoyan, Penzev, and other staff members were arrested in April for "illegal banking activities as part of an organized criminal group" and the hosting of the BlackSprut drugs marketplace. The Treasury Department states that these sanctions build upon the agency's previous action in February, which sanctioned the ZServers and Xhost bulletproof hosting providers used by the LockBit ransomware gang and other cybercriminals. 8 Common Threats in 2025 While cloud attacks may be growing more sophisticated, attackers still succeed with surprisingly simple techniques. Drawing from Wiz's detections across thousands of organizations, this report reveals 8 key techniques used by cloud-fluent threat actors.
Daily Brief Summary
The U.S. Department of the Treasury has imposed sanctions on the Russian hosting company Aeza Group for alleged involvement in various cybercriminal activities.
Aeza Group, along with four of its operators, is accused of functioning as a bulletproof hosting service, which ignores abuse complaints and law enforcement requests, aiding cybercriminal activities.
The sanctioned entity is linked to hosting services for the BianLian ransomware gang, RedLine infostealer operations, and BlackSprut, a darknet drug market.
The sanctions also target Aeza International Ltd., Aeza Logistic LLC, and Cloud Solutions LLC, freezing their assets in the U.S. and prohibiting American companies from doing business with them.
Prior to these sanctions, some members of Aeza were arrested for illegal banking activities and their involvement in hosting the BlackSprut drug marketplace.
The sanctions build on previous U.S. actions from February, which targeted other bulletproof hosting providers associated with the LockBit ransomware gang and various cybercriminals.
Aeza was also implicated in the "Doppelgänger" Russian disinformation campaign that mimicked legitimate media sites to spread propaganda in the West.