The UK, US, and Australia have imposed sanctions on a Russian cyber crime group offering so-called 'bulletproof' hosting services for hackers worldwide.
Media Land provides online infrastructure to support ransomware and phishing operations, and is believed to have played a key role in a spate of devastating cyber attacks in recent years.
Ransomware victims of the outfit include UK critical national infrastructure organizations and it's also been used for malware and phishing campaigns targeting UK taxpayers.
In the US, Media Land infrastructure has been used in distributed denial of service (DDoS) attacks against companies and critical infrastructure. Meanwhile, in Australia, the group has helped criminals to carry out attacks against financial institutions, businesses, their customers, and critical infrastructure.
"Cyber criminals think that they can act in the shadows, targeting hard working British people and ruining livelihoods with impunity," said UK foreign secretary Yvette Cooper.
"But they are mistaken – together with our allies, we are exposing their dark networks and going after those responsible."
The measures target Media Land’s ringleader, Alexander Volosovik, also known as Yalishanda, who has been active since at least 2010 and is known to have worked with some of the most notorious cyber criminal groups, including Evil Corp, LockBit, and Black Basta.
Also sanctioned is Kirill Zatolokin, a Media Land employee responsible for collecting payment from customers and coordinating with other cyber actors, as well as Yulia Pankova, who has helped Volosovik with legal issues and handled his finances.
Sanctions target Media Land sister outfits
The sanctions also target ML Cloud, a Media Land sister company whose technical infrastructure is often used in conjunction with Media Land, including in ransomware and DDoS attacks.
Hypercore, a UK company registered and utilized by Aeza Group, has also been targeted in the international campaign.
The sanctions block access to any assets held in the sanctioning countries, and bar businesses and individuals there from engaging with the listed entities or people. Financial institutions that violate these restrictions can face penalties themselves.
"These sanctions don’t just impose costs on criminals, they dismantle the infrastructure that enables cyber crime," said Australian deputy prime minister Richard Marles.
"By disrupting these networks, we make it harder for others to launch attacks and it strengthens Australia’s resilience against future threats."
Will the sanctions work?
The move marks the latest in a string of actions by governments to crack down on cyber crime-related hosting services.
In July this year, the US Treasury announced plans to impose sanctions on Azea Group, another bulletproof hosting service for its activities. US officials revealed the group has been selling access to specialized services and infrastructure used in a series of ransomware and infostealer malware campaigns.
While this fresh crackdown has been welcomed by security industry stakeholders, John Binns, partner and head of the sanctions practice at BCL Solicitors, said these typically have a limited effect.
"The evidential threshold for designation under the regulations is significantly lower than any in the criminal process, and the real-world impact on sophisticated actors operating primarily in hostile jurisdictions can be modest," he said.
"While sanctions are undoubtedly a valuable addition to the law-enforcement toolkit against transnational cyber crime, they deliver a form of administrative rather than criminal justice and are best viewed as potentially complementing - rather than supplanting - efforts to secure arrests, prosecutions, and asset forfeiture through the courts."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Russia is targeting unpatched vulnerabilities – what can tech leaders do to shore up defenses?
- Are we in a cyber awareness crisis?
- Enterprises need to acknowledge the importance of basic cyber hygiene
-
France is getting its first exascale supercomputer – and it's named after an early French AI pioneerNews The Alice Recoque system will be be France’s first, and Europe’s second, exascale supercomputer
-
Big tech looks set to swerve AI regulations – at least for nowNews President Trump may be planning an executive order against AI regulation as the European Commission delays some aspects of AI Act
-
Thousands of ASUS routers are being hijacked in a state-sponsored cyber espionage campaignNews Researchers believe that Operation WrtHug is being carried out by Chinese state-sponsored hackers
-
IBM AIX users urged to patch immediately as researchers sound alarm on critical flawsNews Network administrators should patch the four IBM AIX flaws as soon as possible
-
Europol hails triple takedown with Rhadamanthys, VenomRAT, and Elysium sting operationsNews The Rhadamanthys infostealer operation is one of the latest victims of Europol's Operation Endgame, with more than a thousand servers taken down
-
Logitech says zero-day attack saw hackers copy 'certain data' from internal IT systemsNews The incident is believed to have formed part of a campaign by the Clop extortion group that targeted customers of Oracle’s E-Business Suite
-
Google wants to take hackers to courtNews You don't have a package waiting for you, it's a scam – and Google is fighting back
-
Laid off Intel engineer accused of stealing 18,000 files on the way outNews Intel wants the files back, so it's filed a lawsuit claiming $250,000 in damages
-
GitHub is awash with leaked AI company secrets – API keys, tokens, and credentials were all found out in the openNews Wiz research suggests AI leaders need to clean up their act when it comes to secrets leaking
-
When cyber professionals go rogue: A former ‘ransomware negotiator’ has been charged amid claims they attacked and extorted businessesNews The attackers are alleged to have demanded ransoms of up to $10 million
