02.07.2025 11:23
The United States Treasury Department has taken decisive action against the Russia-based Aeza Group, a notorious bulletproof hosting provider accused of fueling ransomware attacks and data breaches globally. This significant move targets not only the company itself but also four key Russian individuals, including CEO Arsenii Penzev, effectively dismantling a crucial piece of cybercriminal infrastructure.
Furthermore, the sanctions resulted in the seizure of a cryptocurrency wallet belonging to Aeza Group, containing approximately $350,000 in digital assets. This forfeiture represents a substantial blow to the organization's financial capabilities and serves as a potent deterrent against future illicit activities. The Office of Foreign Assets Control (OFAC) specifically identified and sanctioned the four individuals for their roles in operating and owning Aeza Group.
Based in St. Petersburg, Aeza Group offered specialized services, providing servers and infrastructure for large-scale cyberattacks. Critically, the company is alleged to have supported numerous infamous criminal organizations, including the Meduza and Lumma infostealer operators, BianLian ransomware affiliates, and RedLine infostealer panel users. This underscores Aeza Group's pivotal role in facilitating widespread malicious activity.
The sanctioned cryptocurrency address, operating on the Tron blockchain, served as a central hub for receiving and transferring payments. According to Chainalysis, a leading blockchain analytics firm, Aeza Group employed payment processors to obfuscate transactions and obscure the origin of customer funds, showcasing a sophisticated level of operational secrecy.
Along with Penzev, the sanctions also affect Yurii Meruzhanovich Bozoyan (general director), Vladimir Vyacheslavovich Gast (technical director), and Igor Anatolyevich Knyazev (part-owner). Notably, Penzev and Bozoyan were previously arrested by Russian authorities on suspicion of connections to the BlackSprut darknet marketplace.
These sanctions effectively freeze all US-based assets linked to the targeted entities and prohibit American citizens from engaging in any financial dealings with them. Violating these sanctions carries both civil and criminal penalties under federal law, highlighting the seriousness of this action and the US government's commitment to combating international cybercrime.