Treasury’s Office of Foreign Assets Control (OFAC) has designated Aeza Group, a Russia-based bulletproof hosting (BPH) provider, for enabling a range of cybercriminal activities, including ransomware operations, credential theft, and darknet drug trafficking.
The sanctions target Aeza Group’s operations, its affiliates, and key executives, as part of a broader campaign to disrupt the cybercrime infrastructure threatening U.S. national security and financial systems.
BPH services are tailored to shield malicious actors from detection and law enforcement. Aeza Group, headquartered in St. Petersburg, Russia, is accused of providing technical infrastructure to ransomware operators including Meduza and BianLian, as well as infostealers like Lumma and RedLine, which have targeted the U.S. defense industrial base and technology firms. The group also hosted infrastructure for Blacksprut, a darknet marketplace trafficking illicit drugs.
OFAC coordinated the action with the UK’s National Crime Agency, jointly sanctioning Aeza International Ltd., a UK-based front company used to lease IP addresses to Meduza operators. Two Russia-based subsidiaries—Aeza Logistic LLC and Cloud Solutions LLC—were also designated.
Treasury officials emphasized the central role of Aeza Group in sustaining illicit cyber and drug trafficking operations. “Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology, and sell black-market drugs,” said Acting Under Secretary for Terrorism and Financial Intelligence Bradley T. Smith.
The sanctions were imposed under Executive Order 13694, as amended by E.O. 14144 and E.O. 14306, which target foreign cyber-enabled threats to U.S. national security and economic stability.
Four individuals affiliated with Aeza were also sanctioned.
The July 1 action follows OFAC’s February designation of ZServers, another BPH operator, and reflects Treasury’s ongoing efforts to expose and dismantle networks enabling cyber and drug crimes globally.
Comments
No comments on this item Please log in to comment by clicking here