U.S. Imposes Sanctions on Russian Cyber Infrastructure Firm Linked to Global Threats
The United States has imposed sweeping sanctions on Aeza Group, a Russian cyber infrastructure provider accused of enabling a broad array of cybercriminal activities across the globe, including attacks on U.S. defense and technology sectors.
The Gaze reports on this with reference the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).
OFAC announced the measures, designating Aeza Group, two affiliated entities, and four senior executives for their role in supporting illicit operations ranging from ransomware deployment to information theft and narcotics distribution via the dark web.
Headquartered in St. Petersburg, Aeza Group specializes in so-called “bulletproof hosting” (BPH) services – server infrastructure intentionally designed to shield cybercriminals from detection and law enforcement.
According to OFAC, Aeza provided such services to threat actors behind prominent malware and ransomware families, including Meduza, Lumma, and BianLian.
These operations have targeted a wide spectrum of victims, including U.S. defense contractors, high-tech firms, and individuals worldwide.
The data stolen through infostealer malware is often sold on dark web markets, fueling a criminal ecosystem built around identity theft, fraud, and extortion.
In coordination with the United Kingdom’s National Crime Agency (NCA), OFAC also sanctioned a front company associated with Aeza Group registered in the UK, underscoring the global reach of the network.
The U.S. Treasury highlighted Aeza’s role in facilitating the distribution of ransomware tools and managing infrastructure linked to RedLine and BlackSprut – the latter associated with one of Russia’s largest dark net narcotics marketplaces.
“All property and interests in property of the designated or blocked persons described above that are in the United States or in the possession or control of U.S. persons are blocked,” OFAC stated.
The agency also clarified that any company in which a sanctioned party holds a 50% or greater interest is subject to the same restrictions.
As The Gaze reported earlier, the UK and ten allied nations have jointly exposed a coordinated cyber espionage campaign by Russia's military intelligence service, targeting logistics and technology organisations crucial to Western support for Ukraine.