US Treasury Sanctions Media Land and Aeza Group for Cybercrime Hosting

On November 19, 2025, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on Media Land, front companies of the Aeza Group, and related individuals. The sanctions target their involvement in providing bulletproof hosting (BPH) services, which support illicit cyber activities. OFAC also designated a bitcoin address belonging to Media Land‘s General Director, Alexander Alexandrovich Volosovik, as part of the sanctions, detailed in the official press release.

Bulletproof hosting providers sell internet infrastructure that enables cybercriminals to operate phishing sites, Malware command-and-control servers, ransomware leak sites, and other fraud services. These providers use strategies like permissive jurisdictions, opaque front companies, reverse proxies, and fast-flux IP rotation to resist takedown efforts by law enforcement.

Media Land, headquartered in St. Petersburg, Russia, has supplied BPH services to major ransomware groups including Lockbit, BlackSuit, and Play. Their infrastructure was also involved in multiple denial-of-service attacks targeting US businesses and critical infrastructure. ML Cloud, a connected entity, is frequently used alongside Media Land for ransomware and DDoS activities. Volosovik has advertised on cybercrime forums and provided direct technical support for ransomware and DDoS actors. Media Land’s network has also been tied to notable threats such as Snatch Team, GandCrab, Smokeloader, and extensive phishing campaigns.

Cryptocurrency is a common payment method for BPH services. According to data mentioned by Elliptic, Zservers received over $5.1 million, and the Aeza Group about $360,000 in crypto payments. Volosovik’s designated bitcoin address has processed under $150, likely for such services, with associated addresses handling approximately $3,000 since 2017. Most funds routed through centralized exchanges and privacy-focused wallets like Wasabi Wallet, with activity last noted in November 2024.

The sanctions extend to individuals Kirill Zatolokin, Yulia Pankova, and entities including Media Land Technology (MLT) and Data Center Kirishi. The UK’s Office of Financial Sanctions Implementation simultaneously designated these parties, confirming a coordinated enforcement effort, as noted in its official notice.

Additional individuals and organizations linked to the Aeza Group sanctioned by OFAC include UK-based Hypercore Ltd. (also designated by the UK, see notice), Serbian company Smart Digital Ideas DOO, Uzbek firm Datavice MCHJ, and representatives Maksim Vladimirovich Makarov and Ilya Vladislavovich Zakirov.

Following these actions, Elliptic has integrated the sanctioned bitcoin address into its blockchain analytics platform. This update enables customers to screen and trace transactions to prevent handling funds associated with these designated parties. Blockchain’s permanent and public transaction records provide enhanced visibility of illicit financial flows, facilitating faster and more accurate enforcement and compliance efforts.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Musk, Nvidia, xAI, Humain Launch 500MW AI Data Center Project
• Chinese Influencer “Sister Orange” Arrested in Cambodia for Fraud, Trafficking
• Hyperlane Launches Permissionless eXRD-XRD Bridge Between Ethereum and Radix
• Active Exploitation of 7-Zip CVE-2025-11001 ZIP Flaw Alert
• Ireland Leads Whiskey Investment Boom with 12-14% Returns