U.S. Authorities Impose Sanctions on Russian Web Host for Aiding Cryptocurrency Theft

Treasury of the United States Identifies and Sanctions a Russian Company Connected to Ransomware, Data Theft Software, and Underground Cryptocurrency Drug Markets

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has imposed sanctions on the Russian Aeza Group and three affiliated companies: Aeza International Ltd. (UK-based front company), Aeza Logistics LLC, and Cloud Solutions LLC. These entities, operating as bulletproof hosting (BPH) providers, offer resilient and law-enforcement-resistant server infrastructure to cybercriminals for conducting ransomware campaigns, infostealer malware distribution, and darknet market activities.

The services offered by Aeza Group are critical enablers for ransomware operators, credential stealers, and illicit marketplaces. According to reports, the sanctioned entities have hosted infrastructure for ransomware groups, such as BianLian, and infostealer operations, including Meduza and Lumma. Aeza Group has also supported RedLine infostealer panels and the notorious darknet drug marketplace Blacksprut, which traffics narcotics globally, including into the U.S.

The sanctions freeze all U.S.-based assets of these entities and individuals and prohibit any transactions with U.S. persons, reflecting a strong stance against cybercrime facilitators. The leadership of Aeza Group includes four designated individuals: Arsenii Aleksandrovich Penzev (CEO), Yurii Meruzhanovich Bozoyan (General Director), Vladimir Vyacheslavovich Gast (Technical Director), and Igor Anatolyevich Knyazev.

A notable connection to the sanctions is the cryptocurrency wallet associated with Aeza Group. Chainalysis identified a cryptocurrency address linked to the sanctioned entities, which was used to facilitate payments for their illicit services. This wallet reportedly contains over $350,000 in illicit funds, linking the sanctioned entities directly to cryptocurrency flows used to support and monetize cybercriminal activities such as ransomware attacks and darknet drug sales.

In summary:

| Entity | Role | Connection to Cryptocurrency |
|---|---|---|
| Aeza Group (Russia) | Bulletproof hosting provider facilitating ransomware, infostealers, darknet drug markets | Crypto wallet with $350,000+ illicit funds used for payments and services |
| Aeza International Ltd. (UK) | Front company leasing IP infrastructure | Part of Aeza Group’s network |
| Aeza Logistics LLC | Affiliate company supporting operations | Part of the network |
| Cloud Solutions LLC | Affiliate company supporting operations | Part of the network |
| Four senior executives | Leadership of Aeza Group | Accountable persons for operations |

These sanctions demonstrate coordinated efforts by U.S. and UK authorities to disrupt the infrastructure underpinning cybercrime and illicit digital asset flows. Violations of these sanctions may result in civil or criminal penalties. The designated crypto wallet displays links to the sanctioned exchange Garantex and other cybercrime services. The Secret Service seized Garantex in March this year.

The sanctions block all property and interests of the designated parties within the U.S. or under the control of U.S. persons. OFAC's action includes the designation of a crypto wallet linked to over $350,000 in illicit funds associated with Aeza Group. The leadership team of Aeza Group includes CEO Arsenii Penzev and General Director Yurii Bozoyan, both previously arrested by Russian authorities for hosting drug marketplaces. U.S. entities are generally prohibited from conducting transactions involving those named.

  1. The crypto wallet linked to Aeza Group, a Russian bulletproof hosting provider, has been identified by Chainalysis and contains over $350,000 in illicit funds, making it a critical aspect of the group's cryptocurrency network.
  2. The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has designated a crypto wallet associated with Aeza Group as part of its sanctions against the Russian entity, which also includes the seizure of the cryptocurrency exchange Garantex.
  3. The Aeza Group, a facilitator of ransomware, infostealers, and darknet drug markets, has been sanctioned by the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) due to its alleged involvement in hosting infrastructure for various cybercrime activities.
  4. The sanctions imposed on the Aeza Group and affiliated companies include a prohibition on any transactions with U.S. persons, in an effort to disrupt the infrastructure underpinning cybercrime and illicit digital asset flows.
  5. In addition to the designated crypto wallet, the Digital Asset Waterfall sanctions also target four senior executives within Aeza Group: Arsenii Aleksandrovich Penzev (CEO), Yurii Meruzhanovich Bozoyan (General Director), Vladimir Vyacheslavovich Gast (Technical Director), and Igor Anatolyevich Knyazev.
  6. Cryptocurrency mining and storage technology, such as hardware wallets like Ledger, can play an essential role in securing digital assets, but in the wrong hands it can also become a tool for facilitating illicit activities like those perpetrated by the Aeza Group.
