The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russia-based bulletproof hosting provider Aeza Group, targeting its infrastructure, executives, and a cryptocurrency wallet allegedly linked to illicit activities.
Crack Down on Russian Bulletproof Hosting Provider
The enforcement, announced on July 1st in coordination with the United Kingdom’s National Crime Agency (NCA), marks another major step in international efforts to dismantle cybercrime networks exploiting blockchain systems.
Aeza Group is accused of supplying specialized hosting services to ransomware gangs, malware operators, and darknet marketplaces, shielding criminal enterprises from law enforcement detection.
Bradley Smith, acting undersecretary for terrorism and financial intelligence at the U.S. Treasury said,
“Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology, and sell black-market drugs.”
Connections with Ransomware Gangs and Darknet Marketplaces
According to OFAC’s designation, Aeza’s infrastructure has supported a range of high-profile cybercrime entities, including the Meduza and Lumma infostealer operators, who have targeted U.S. defense and technology firms. Notably, the group also hosted the notorious Russian darknet market, Blacksprut.
The designation extends to Aeza Group’s related entities, including Aeza International Limited, a UK-based front company allegedly used to lease IP addresses for criminal operations, and two wholly owned Russian subsidiaries, Aeza Logistic and Cloud Solutions. Since the sanctions were announced, websites affiliated with these firms have reportedly gone offline.
Crypto Wallet Handling Proceeds of Crime Sanctioned
Alongside infrastructure sanctions, OFAC also blacklisted a Tron blockchain address believed to function as an administrative wallet for Aeza’s payment processor. Blockchain analytics firm Chainalysis revealed the wallet handled cash-outs and directed payments to cryptocurrency exchanges, while occasionally receiving direct payments for Aeza’s services.
It stated,
“On-chain analysis and additional research indicate that Aeza relied on a payment processor to receive payments for hosting services, thereby obscuring the traceability of customer deposits.”
TRM Labs, another blockchain intelligence company, corroborated the findings, noting the wallet’s connection to sanctioned Russian crypto exchange Garantex and other cybercrime services via intermediary addresses. According to TRM, the address has processed over $350,000 and routinely interfaced with global exchanges and payment providers to launder proceeds.
Key Aeza Executives Sanctioned, Two in Russian Custody
OFAC also designated four senior figures from Aeza Group: CEO Arsenii Aleksandrovich Penzev, general director Yurri Meruzhanovich Bozoyan, technical director Vladimir Vyacheslavovich Gast, and Igor Anatolyevich Knyazev, each holding a 33% ownership stake in the company. OFAC stated that Gast was instrumental in managing Aeza’s internal network and oversaw the integration of Blacksprut onto Aeza’s infrastructure.
According to Telegram-based reports, both Penzev and Bozoyan have been detained by Russian authorities in connection with their role in facilitating services for Blacksprut. Their arrests reportedly came after Aeza began supporting the darknet platform in 2023.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice
Source: https://cryptodaily.co.uk/2025/07/us-treasury-sanctions-crypto-wallet-tied-to-russian-bulletproof-host-aeza-group