The United States, United Kingdom, and Australia have jointly imposed sanctions on a Russian “bulletproof” web hosting provider, Media Land, along with several affiliated companies and executives, accusing them of enabling ransomware attacks and other cyber operations targeting U.S. victims and critical infrastructure. According to the U.S. Treasury, the coordinated action focuses on Media Land and three related entities, including their general director known online as Yalishanda who allegedly offered infrastructure and technical support to cybercriminals.
Authorities say Media Land’s services were routinely used to launch distributed denial-of-service attacks and to host tools used by some of the world’s most aggressive ransomware gangs, including LockBit, BlackSuit, and Play. Investigators allege that multiple employees within the organization knowingly collaborated with criminal operators, bolstering the company’s reputation as a haven for illicit activity.
“Bulletproof” hosting providers typically market themselves as resistant to law enforcement pressure, takedowns, and legal demands, making them attractive to hackers seeking reliable infrastructure for phishing campaigns, malware delivery, and ransomware operations. U.S. officials argue that services like those offered by Media Land form a crucial backbone for global cybercrime networks, though they did not disclose specific victims affected by the attacks tied to the company.
The U.K.’s Foreign Office also announced sanctions on Hypercore, a U.K.-registered firm allegedly operating as a front for the Aeza Group, another bulletproof hosting provider previously sanctioned by the United States. British officials say Aeza maintains links to Russia’s Social Design Agency, a Kremlin-associated disinformation outfit. With the new sanctions in place, individuals and businesses in the U.S., U.K., and Australia are now prohibited from conducting any transactions with the listed companies or individuals.
In addition to the sanctions, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released new guidance aimed at helping organizations mitigate risks associated with bulletproof hosting providers.
The recommendations encourage companies to strengthen network monitoring, improve incident response procedures, and adopt more robust cybersecurity controls as governments continue ramping up efforts to disrupt the digital ecosystems that enable organized cybercrime