The US, UK, and Australia just imposed sanctions on a Russian cyber crime group – 'we are exposing their dark networks and going after those responsible'
Media Land offers 'bulletproof' hosting services used for ransomware and DDoS attacks around the world
The UK, US, and Australia have imposed sanctions on a Russian cyber crime group offering so-called 'bulletproof' hosting services for hackers worldwide.
Media Land provides online infrastructure to support ransomware and phishing operations, and is believed to have played a key role in a spate of devastating cyber attacks in recent years.
Ransomware victims of the outfit include UK critical national infrastructure organizations and it's also been used for malware and phishing campaigns targeting UK taxpayers.
In the US, Media Land infrastructure has been used in distributed denial of service (DDoS) attacks against companies and critical infrastructure. Meanwhile, in Australia, the group has helped criminals to carry out attacks against financial institutions, businesses, their customers, and critical infrastructure.
"Cyber criminals think that they can act in the shadows, targeting hard working British people and ruining livelihoods with impunity," said UK foreign secretary Yvette Cooper.
"But they are mistaken – together with our allies, we are exposing their dark networks and going after those responsible."
The measures target Media Land’s ringleader, Alexander Volosovik, also known as Yalishanda, who has been active since at least 2010 and is known to have worked with some of the most notorious cyber criminal groups, including Evil Corp, LockBit, and Black Basta.
Also sanctioned is Kirill Zatolokin, a Media Land employee responsible for collecting payment from customers and coordinating with other cyber actors, as well as Yulia Pankova, who has helped Volosovik with legal issues and handled his finances.
Sanctions target Media Land sister outfits
The sanctions also target ML Cloud, a Media Land sister company whose technical infrastructure is often used in conjunction with Media Land, including in ransomware and DDoS attacks.
Hypercore, a UK company registered and utilized by Aeza Group, has also been targeted in the international campaign.
The sanctions block access to any assets held in the sanctioning countries, and bar businesses and individuals there from engaging with the listed entities or people. Financial institutions that violate these restrictions can face penalties themselves.
"These sanctions don’t just impose costs on criminals, they dismantle the infrastructure that enables cyber crime," said Australian deputy prime minister Richard Marles.
"By disrupting these networks, we make it harder for others to launch attacks and it strengthens Australia’s resilience against future threats."
Will the sanctions work?
The move marks the latest in a string of actions by governments to crack down on cyber crime-related hosting services.
In July this year, the US Treasury announced plans to impose sanctions on Azea Group, another bulletproof hosting service for its activities. US officials revealed the group has been selling access to specialized services and infrastructure used in a series of ransomware and infostealer malware campaigns.
While this fresh crackdown has been welcomed by security industry stakeholders, John Binns, partner and head of the sanctions practice at BCL Solicitors, said these typically have a limited effect.
"The evidential threshold for designation under the regulations is significantly lower than any in the criminal process, and the real-world impact on sophisticated actors operating primarily in hostile jurisdictions can be modest," he said.
"While sanctions are undoubtedly a valuable addition to the law-enforcement toolkit against transnational cyber crime, they deliver a form of administrative rather than criminal justice and are best viewed as potentially complementing - rather than supplanting - efforts to secure arrests, prosecutions, and asset forfeiture through the courts."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Russia is targeting unpatched vulnerabilities – what can tech leaders do to shore up defenses?
- Are we in a cyber awareness crisis?
- Enterprises need to acknowledge the importance of basic cyber hygiene
-
AI Fatigue: Is the backlash against AI already here?Feature The proliferation of AI tools in the market is creating confusion, decision paralysis, and declining productivity…
-
Epson EcoTank ET-4956 reviewReviews This refillable inkjet MFP does everything you need in a small office – it's compact and cheap to run, too
-
NHS supplier DXS International confirms cyber attack – here’s what we know so farNews The NHS supplier says front-line clinical services are unaffected
-
LastPass hit with ICO fine after 2022 data breach exposed 1.6 million users – here’s how the incident unfoldedNews The impact of the LastPass breach was felt by customers as late as December 2024
-
Researchers claim Salt Typhoon masterminds learned their trade at Cisco Network AcademyNews The Salt Typhoon hacker group has targeted telecoms operators and US National Guard networks in recent years
-
Trend Micro issues warning over rise of 'vibe crime' as cyber criminals turn to agentic AI to automate attacksNews Trend Micro is warning of a boom in 'vibe crime' - the use of agentic AI to support fully-automated cyber criminal operations and accelerate attacks.
-
Cyber budget cuts are slowing down, but that doesn't mean there's light on the horizon for security teamsNews A new ISC2 survey indicates that both layoffs and budget cuts are on the decline
-
NCSC issues urgent warning over growing AI prompt injection risks – here’s what you need to knowNews Many organizations see prompt injection as just another version of SQL injection - but this is a mistake
-
Chinese hackers are using ‘stealthy and resilient’ Brickstorm malware to target VMware servers and hide in networks for months at a timeNews Organizations, particularly in the critical infrastructure, government services, and facilities and IT sectors, need to be wary of Brickstorm
-
AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals — and teams at Amazon are already seeing huge gainsNews AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals, and the company has already unlocked significant benefits from the technology internally.
