Home / Technology / Global Cyber Takedown: US, UK, Australia Hit Russian Hosts
Global Cyber Takedown: US, UK, Australia Hit Russian Hosts
19 Nov
Summary
- US, UK, and Australia sanctioned a Russian web host for ransomware.
- Sanctioned company allegedly provided servers to cybercriminals.
- LockBit and Play ransomware gangs reportedly used the service.
In a coordinated effort, the governments of the United States, United Kingdom, and Australia have imposed sanctions on a Russia-based web hosting company, Media Land, and its related entities. These measures are a direct response to allegations that the company provided services facilitating ransomware attacks against U.S. victims and critical infrastructure. Officials stated that criminal hackers utilized Media Land for distributed denial-of-service attacks and as a foundational infrastructure for prolific ransomware gangs such as LockBit and BlackSuit.
The sanctions also extend to several executives of Media Land, including its general director, accused of offering servers and technical support to cybercriminals. The U.K. government separately designated Hypercore, a U.K.-based front company linked to another sanctioned bulletproof hosting provider, Aeza Group, which has ties to a Kremlin-backed disinformation organization. These actions make it illegal for citizens and businesses within the three sanctioning nations to conduct transactions with the targeted entities.
Bulletproof hosting providers are known for their resistance to law enforcement actions, making them attractive to malicious actors. U.S. cybersecurity agencies have also issued guidance to help organizations mitigate risks associated with such providers. The ongoing efforts by these nations highlight a concerted push to dismantle the infrastructure supporting global cybercrime.
