Article Details

US, UK, Australia sanction Lockbit gang’s hosting provider. ‘Bulletproof’ hosts partly dodged the last attack of this sort. US, UK, Australia sanction Lockbit gang’s hosting provider ‘Bulletproof’ hosts partly dodged the last attack of this sort Cybercrime fighters in the US, UK, and Australia have imposed sanctions on several Russia-linked entities they claim provide hosting services to ransomware gangs Lockbit, BlackSuit, and Play. The sanctions target an organization called “Media Land,” an entity that the US Department of Treasury describes as a provider of hosting services to “criminal marketplaces and ransomware actors” and which allowed its infrastructure to be used for “multiple distributed denial-of-service (DDOS) attacks against U.S. victim companies and critical infrastructure.” Australia’s Federal Police added “malware infections, and scams” to Media Land’s rap sheet, while the UK’s National Crime Agency accused the group of enabling phishing attacks. The three nations hope that sanctions will impact Media Land’s ability to facilitate those attacks, by forbidding their citizens and banks from working with the company and associated entities. This action is the third strike against Russia’s “bulletproof” crimeware hosts this year, after the January takedown of Zservers and the July imposition of sanctions against the Aeza Group. The three nations all claim their fresh sanctions strike a blow against cybercrime. The Brits even say their part of the op “smashes Russian cybercrime networks.” That may be premature, as the USA’s announcement includes news that it has continued its actions against Aeza which it says “initiated a rebranding strategy focusing on removing any connections between Aeza and their new technical infrastructure.” One step in that rebranding process saw Aeza use a UK-based entity called Hypercore Ltd as a new home for its IP infrastructure, in the hope that doing so would help the Russian outfit evade sanctions. Treasury has now sanctioned Hypercore, too. The fresh round of sanctions also targets individuals including Aleksandr Volosovik, the alleged general director of Media Land, and Yulia Pankova who apparently helped him with legal and financial issues. Here’s a snap of the duo provided by US Treasury. Alleged Media Land BPH operatives Aleksandr Volosovik and Yulia Pankova - Click to enlarge There you have it, dear reader, the alleged faces of cybercrime – without a hoodie in sight.