US sanctions Russian bulletproof hosting for supporting cybercrime

US sanctions Russian bulletproof hosting for supporting cybercrime

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Russia-based bulletproof hosting (BPH) provider Aeza Group, accusing the company of supporting cybercriminal operations and global threat actors.

The sanctions target Aeza Group’s parent entity, subsidiaries, including the UK-based Aeza International Ltd., Aeza Logistic LLC, and Cloud Solutions LLC, and four individuals linked to the company’s leadership and operations.

Among those sanctioned are Arsenii Aleksandrovich Penzev, Aeza Group’s CEO and 33% owner; Yurii Meruzhanovich Bozoyan, general director and co-owner; Vladimir Vyacheslavovich Gast, the firm’s technical director; and Igor Anatolyevich Knyazev, another co-owner who oversees operations in the absence of the top leadership.

Penzev was arrested in April 2025 in Moscow on charges related to leading a criminal organization and facilitating large-scale drug trafficking by hosting the online drug store BlackSprut. Along with Bozoyan were detained two employees, Maxim Orel and Tatyana Zubova.

Based in St. Petersburg, Aeza Group is accused of knowingly leasing infrastructure to cybercrime groups including ransomware and infostealer families such as BianLian, RedLine, Meduza, and Lumma, some of which have been used to target US defense contractors and tech companies.

According to previous reports, Aeza's infrastructure was also used by Doppelganger, a pro-Russian influence operation that spread Kremlin propaganda via clones of the well- established news outlets such as Le Monde and the Guardian. Additionally, the Russia-aligned hacker group Nebulous Mantis (aka Cuba, STORM-0978, Tropical Scorpius, UNC2596), known for deploying the RomCom RAT, is believed to have used Aeza's services for hosting spear-phishing and command-and-control (C2) servers.


Back to the list

Latest Posts

Researchers caught embedding hidden AI prompts to sway research reviewers

Researchers caught embedding hidden AI prompts to sway research reviewers

The investigation analyzed English-language preprints published on the research platform arXiv and found concealed AI instructions in 17 papers.
7 July 2025
Brazilian programmer arrested for role in $185 million bank hack

Brazilian programmer arrested for role in $185 million bank hack

João Nazareno Roque, a junior back-end developer at C&M, was allegedly recruited by hackers in a bar in São Paulo.
7 July 2025
APT36 cyber-espionage campaign targeting Indian defense sector via BOSS Linux

APT36 cyber-espionage campaign targeting Indian defense sector via BOSS Linux

More recently, APT36 has shifted its focus to Linux-based environments.
7 July 2025