- The US government has identified and sanctioned an HBP supplier linked to Russia
- The British National Crime Agency has helped identify a British front
- Sanctions may not affect Russian attackers
Aeza Group, a Russian accommodation supplier to the bullet test and four affiliates were sanctioned by the US government to support ransomware and cybercrime, marking the second time this year that the United States has sanctioned accommodation providers to the balloon test.
Balayed accommodation suppliers (BPH) are web hosting companies that knowingly facilitate illicit or malicious activities by ignoring requests for application of the law, and the AEZA group has been linked to a handful of known attacks.
The group has specifically provided infrastructure to the Bianlian ransomware group, which would operate in Russia, as well as infostealer operations like Meduza and Lumma.
The Russian HBP supplier has received American sanctions
It is believed that Bianlian has targeted critical infrastructure in the United States as well as notable organizations like Save The Children. Previously known for the encryption of ransomware, the attackers began to focus on data exfiltration and extortion at the beginning of 2024.
In addition to sanctioning the AEZA group registered in Russia, the United States has also sanctioned Aeza International, the British British British subsidiary, thanks to the British National Crime Agency. Arsenii Aleksandrovich Penzev, Yurii Merzhanovich Bozoyan and Igor Anatolyevich Knyazev are the three key faces associated with Aeza, each with a third of the company.
“The Treasury, in close coordination with the United Kingdom and our other international partners, remains resolved to exhibit the critical nodes, the infrastructures and the individuals underlying this criminal ecosystem,” said under the secretary of terrorism and financial intelligence Bradley T Smith.
Sanctions mean that US companies have been prohibited from getting involved with Aeza Group, but the HBP supplier apparently attracts a mainly Russian clientele, American sanctions are unlikely to have a significant impact on how Russian attackers use the host to the test of the balls.
“The violations of American sanctions can lead to the taxation of civil or criminal sanctions on people and foreigners,” confirms a press release from the Treasury.
In addition to attacking supplier BPH, the American authorities also recently treated Lumma by entering five internet areas used for the malicious information thief software service.
