The US is sanctioning a Russian web hosting company for allegedly helping cybercriminals spread malware and execute ransomware attacks.
On Tuesday, the Treasury Department announced the sanctions against Aeza Group and its UK-based affiliate Aeza International, which supply web hosting for as little as $6 per month. However, federal investigators allege the Russian company has been selling services to cybercriminals that target US businesses and users.
The Treasury Department describes Aeza as a “bulletproof” hosting provider, claiming it supplies clients with internet services meant to withstand complaints of illegal activities. The agency alleges that Aeza’s customers include hackers who have spread Meduza and Lumma, two Windows-based malware strains that steal passwords and cryptocurrency wallet details from browsers.
The Treasury Department also claims that customers of Aeza use the web hosting service to target “the US defense industrial base and technology companies, among other victims globally.” The passwords and sensitive information stolen with the malware are then sold on black-market sites on the dark web.
In addition to malware, Aeza Group also allegedly sold services to host BianLian ransomware attacks, and provided web hosting to BlackSprut, a Russian darknet marketplace for drugs. In response, the Treasury Department’s sanctions are designed to cut off Aeza from the western banking system by essentially outlawing US transactions with the Russian company. Financial institutions also risk facing penalties if they conduct business with Aeza.
On top of this, the Treasury Department has sanctioned four executives behind the Russian company. Aeza Group, which is based in St. Petersburg, Russia, didn’t immediately respond to a request for comment.
In the meantime, cryptocurrency tracking firm Chainalysis noted that Aeza now accepts cryptocurrency, whereas it previously offered payment methods including Visa and Mastercard. Still, Chainalysis expects the sanctions to help disrupt hacking activities. “By sanctioning bulletproof hosting providers, the US government is attacking the supply chain that makes large-scale cybercrime possible, rather than just pursuing individual threat actors after attacks have occurred,” it said.