The governments of the United States, United Kingdom, and Australia have sanctioned a Russian “bulletproof” web hosting company and several of its related firms. The companies are accused of being used to launch ransomware attacks against U.S. victims and critical infrastructure.
In a statement, the U.S. Treasury announced coordinated sanctions on the Russia-based web host Media Land and three related companies. The sanctions also target several of the company’s executives, including its general director, who is alleged to have provided servers and troubleshooting services to cybercriminals.
Officials state that criminal hackers relied on Media Land to launch distributed denial-of-service attacks. Prolific ransomware gangs, including LockBit, BlackSuit, and Play, allegedly used the company for their infrastructure. The Treasury also said that several of the company’s employees directly coordinated with cybercriminals.
“Bulletproof” providers are web hosts and cloud companies that typically advertise their services as resistant to law enforcement actions, such as takedowns or legal demands. As a result, they are commonly used by cybercriminals to host malicious infrastructure. U.S. officials said hosting companies like Media Land help provide cybercriminals with essential services for attacking businesses in the United States and allied countries.
The U.K.’s Foreign Office stated it was also designating a U.K.-based company called Hypercore. Officials said Hypercore was set up as a front company for Aeza Group, another bulletproof hosting company that was sanctioned by the U.S. in July. The U.K. government said that Aeza is linked to a Kremlin disinformation organization called the Social Design Agency.
Sanctioning the companies and individuals involved in cybercrime makes it illegal for citizens, residents, or those with business ties to the U.S., U.K., and Australia to transact or conduct business with those who are sanctioned.
Separately, U.S. cybersecurity agency CISA and the National Security Agency published guidance on how organizations can mitigate the risks from bulletproof hosting providers.