- The U.S. Treasury has sanctioned the Russian bulletproof Hosting provider Aeza Group for facilitating cybercriminal activity worldwide.
- Sanctions include Aeza Group, several of its subsidiaries, and four individuals associated with the company.
- Aeza’s CEO, Arsenii Aleksandrovich Penzev, was arrested in April 2025 for alleged involvement with the dark web drug marketplace BlackSprut.
- The company is accused of supporting Ransomware and data theft operations targeting the U.S. defense and technology sectors, among others.
- These sanctions are part of broader international efforts to dismantle cybercrime infrastructure and disrupt ransomware supply chains.
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against the Russian-based hosting firm Aeza Group on charges of enabling cyberattacks and other illegal activities across the United States and globally. Announced in July 2025, the measures also target Aeza Group’s foreign subsidiaries and four individuals connected to company operations.
The sanctions list includes Aeza International Ltd. (the UK branch), Aeza Logistic LLC, Cloud Solutions LLC, and key company leaders: Arsenii Aleksandrovich Penzev, CEO; Yurii Meruzhanovich Bozoyan, general director; Vladimir Vyacheslavovich Gast, technical director; and Igor Anatolyevich Knyazev, owner. Treasury officials said these entities aided cybercriminals by providing hosting services that support ransomware, data theft, and illicit drug sales.
According to Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence, “Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology, and sell black-market drugs.” The agency added it will keep working with partners in the UK and elsewhere to target organizations and individuals believed to help sustain such criminal ecosystems.
Bulletproof hosting (BPH) services, like those from Aeza Group, are known for ignoring law enforcement and abuse reports, making them attractive for threat actors to run command-and-control servers, phishing operations, and other attacks without interruption. Authorities allege that Aeza Group provided hosting for cybercrime groups including BianLian, RedLine, Meduza, and Lumma—Malware types implicated in attacks on U.S. defense and tech companies.
The sanctions came after Penzev’s arrest in April 2025, which involved accusations of running a criminal organization and enabling large-scale drug trafficking via the BlackSprut dark web marketplace. Several other employees, including Bozoyan, also faced detention. Investigation reports from Correctiv and Qurium cite Aeza’s infrastructure as being used for pro-Russian influence operations such as Doppelganger, and by threat actors like Void Rabisu, linked to RomCom RAT.
Earlier this year, Treasury also sanctioned another Russian host, Zservers, for supporting ransomware actors. Last week, Qurium investigators connected Russian provider Biterika to distributed denial-of-service (DDoS) attacks against independent media in Russia.
Authorities say these recent sanctions are part of ongoing steps to disrupt the infrastructure behind cybercrimes and to make it harder for ransomware gangs and threat actors to operate unchecked.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- China Races to Refine Stablecoin Policy Amid US, Market Pressure
- DOJ Seizes $225M in Crypto Linked to Pig Butchering Scams
- Humanoid Hotel Robots Spark Mixed Reactions From Guests Worldwide
- AMC Stock Plunges 9% as Debt Deal Sparks Shareholder Dilution
- Solana Drops 7.8% Ahead of REX-Osprey SOL + Staking ETF Launch
