The U.S. Department of the Treasury, through its Office of Foreign Assets Control (OFAC), has imposed sanctions on Russia-based Aeza Group.
Aeza Group is a known bulletproof hosting (BPH) service provider, for allegedly supporting cybercriminal operations.
According to OFAC, Aeza Group has provided specialized server infrastructure that enabled ransomware operators and info-stealer malware groups to carry out data theft and extortion campaigns.Â
The sanctions extend not only to the Aeza Group itself but also to several affiliated companies in Russia and the United Kingdom, as well as four Russian nationals believed to be key figures in the organization.
$350,000 in Crypto Frozen as Wallet Linked to Cybercrime Identified
A critical part of the sanctions targets a cryptocurrency wallet holding approximately $350,000, which OFAC believes was used to process payments for Aeza’s illegal hosting services.
The wallet, hosted on the Tron blockchain, reportedly acted as an administrative address through which Aeza received payments and forwarded funds to various crypto exchanges.
Blockchain intelligence firms Chainalysis and TRM Labs revealed that the wallet functioned as part of Aeza’s payment infrastructure.
They obscured the origins of customer deposits and linked the group to other sanctioned cybercrime entities, including the Russian exchange Garantex.
The Treasury’s actions aim to disrupt this flow of illicit funds and sever Aeza’s financial lifelines.
Also Read: Binance Announce Access to Syrian Residents Following Easing of U.S. Sanctions on Syria
Aeza Tied to Major Ransomware and Malware Syndicates
The Treasury’s investigation alleges that Aeza’s infrastructure supported several notorious cybercriminal organizations.
These include ransomware and information-stealing malware groups such as Meduza, Lumma infostealer, BianLian ransomware, RedLine panels, and the Russian darknet marketplace BlackSprut.
OFAC stated that Aeza’s services allowed these actors to host and distribute malicious tools while evading law enforcement and takedown attempts.
These allegations underline the growing global concern over bulletproof hosting services acting as critical enablers of cybercrime by offering infrastructure with little to no oversight or accountability.
Also Read: U.S. Treasury Sanctions Crypto Addresses Linked to Russia’s Garantex in Houthi Funding Crackdown
Leadership and Enforcement Actions Deepen Sanctions Impact
In a significant escalation, OFAC also sanctioned members of Aeza’s leadership.
The list included CEO Arsenii Aleksandrovich Penzev, general director Yurii Meruzhanovich Bozoyan, technical director Vladimir Vyacheslavovich Gast, and part-owner Igor Anatolyevich Knyazev.
Notably, Penzev and Bozoyan have reportedly been arrested by Russian authorities over their alleged ties to the darknet marketplace BlackSprut, while Knyazev is believed to have assumed control of the company.
The sanctions freeze all U.S.-based assets connected to the individuals and entities involved and prohibit any U.S. persons or businesses from engaging in transactions with them.
Violations of these measures may lead to severe civil or criminal penalties, signaling the Treasury’s heightened stance against entities facilitating cybercrime.
Also Read: U.S. Treasury Sanctions Myanmar’s Karen National Army For Crypto Scams