US Sanctions Russian Host Aeza Group Over Ransomware Support

  • The US Treasury sanctioned Russia-based Aeza Group, a bulletproof hosting service that provided infrastructure for ransomware attacks and data theft operations.
  • The sanctions target four Russian nationals, including CEO Arsenii Penzev, and seized a cryptocurrency wallet containing approximately $350,000.

The US Treasury Department has sanctioned Russia-based Aeza Group, a major step toward disrupting cybercriminal infrastructure. The action targets a bulletproof hosting service accused of facilitating ransomware activity and information-theft campaigns for various criminal groups.

Major Action Against Criminal Activities

The sanctions, imposed on Tuesday, cover the leadership of Aeza Group, related businesses, and a cryptocurrency wallet holding about $350,000 in digital assets. The Office of Foreign Assets Control has listed four Russian nationals as instrumental to the organization's activities and ownership structure.

St. Petersburg-based Aeza Group offered specialized server access and computing infrastructure that enabled large-scale cyberattacks. The company is accused of supporting well-known criminal operations, including Meduza and Lumma infostealer operators, BianLian ransomware affiliates, and RedLine infostealer panels.

The sanctioned cryptocurrency address served as an administrative wallet on the Tron blockchain, receiving payments and transferring funds to different exchanges. According to blockchain analytics company Chainalysis, Aeza used payment processors to make transactions less traceable and to conceal the source of customer deposits.

Those sanctioned include CEO Arsenii Aleksandrovich Penzev, general director Yurii Meruzhanovich Bozoyan, technical director Vladimir Vyacheslavovich Gast, and part-owner Igor Anatolyevich Knyazev. Penzev and Bozoyan were earlier arrested by Russian authorities on suspicion of links with the illegal BlackSprut darknet marketplace.

The sanctions block all US-based assets linked to the targeted entities and forbid American individuals from carrying out financial transactions with them. Federal law provides both civil and criminal penalties for violations.

Cybersecurity analysts see this move as a strategic shift toward attacking criminal infrastructure rather than pursuing individual perpetrators after attacks have taken place. The strategy aims to break the supply chain that facilitates mass cybercrime.

Recent statistics show that phishing attacks are the most common means of cryptocurrency theft in 2025, amounting to $2.1 billion. Such attacks usually target sensitive data such as personal wallet keys and authentication data.

The Treasury's move is part of global efforts to curb the capabilities of cybercriminals by taking away the critical infrastructure services they rely on. Law enforcement agencies continue to work on pressure points against organized cybercrime networks across the globe.

Source: https://thenewscrypto.com/us-sanctions-russian-host-aeza-group-over-ransomware-support/