The U.S. government has imposed sanctions on Russian-based Zservers, a bulletproof hosting provider accused of facilitating ransomware attacks orchestrated by the notorious LockBit hacking group. The move comes as part of a broader effort to dismantle cybercriminal infrastructure enabling large-scale cyberattacks.
Zservers: A Hub for Cybercriminal Operations
Zservers, a company operating out of Barnaul, Russia, specializes in bulletproof hosting—services designed to shield cybercriminals from law enforcement scrutiny. By renting out IP addresses, servers, and domains, the company has allegedly enabled malicious actors to spread malware, build botnets, and execute cyber fraud schemes with impunity.
The U.S. Treasury Department, in coordination with officials from Australia and the United Kingdom, announced joint sanctions against Zservers and two key Russian nationals: Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, both of whom played central roles in administering the company’s illicit activities.
“Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on U.S. and international critical infrastructure,” stated Bradley Smith, Acting Undersecretary of the Treasury for Terrorism and Financial Intelligence. “Today’s trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located.”
Ties to LockBit and Global Cyber Threats
U.S. officials have confirmed that Zservers played a significant role in supporting LockBit’s ransomware operations, including its high-profile 2023 attack on the Industrial Commercial Bank of China. LockBit affiliates regularly leased IP addresses from Zservers to evade detection and execute their cyberattacks.
Blockchain analysis firm Elliptic has further corroborated these findings, establishing a clear connection between Zservers and the LockBit network.
Meanwhile, the U.K. government has issued parallel sanctions against six additional individuals linked to Zservers, including Ilya Sidorov, Dmitriy Bolshakov, Igor Odintsov, and Vladimir Ananev. These sanctions also target a U.K.-registered front company, XHOST Internet Solutions LP, accused of facilitating cybercriminal activities.
U.K. Minister of State for Security Dan Jarvis reinforced the severity of the issue, stating, “Denying cybercriminals the tools of their trade weakens their capacity to do serious harm to the UK.”
A Corrupt Ecosystem of Cybercrime
In condemning the role of Russian-based cybercriminals, U.K. Foreign Secretary David Lammy remarked that Russian President Vladimir Putin has built a corrupt mafia state driven by greed and ruthlessness.
“It is no surprise that the most unscrupulous extortionists and cybercriminals run rampant from within his borders.”
The U.S. government has tied these latest sanctions to previous actions against Russian ransomware operative Alexander Ermakov and members of the Evil Corp cybercrime syndicate. Despite global law enforcement crackdowns, these groups have repeatedly attempted to re-establish themselves, recycling stolen data from past breaches while continuing to conduct new cyberattacks.
State Department spokesperson Tammy Bruce underscored the persistent threat posed by Russian-backed cybercriminals, stating, “Russia continues to offer safe harbor for cybercriminals, allowing them to launch attacks against the United States and its allies without consequences.”
A Global Crackdown on Bulletproof Hosting Services
In recent years, law enforcement agencies have intensified efforts to dismantle bulletproof hosting services, extraditing key figures and securing significant convictions.
- In 2023, law enforcement took down Lolek Hosted, another bulletproof hosting provider.
- Mihai Ionut Paunescu, a key figure behind PowerHost[.]ro, received a three-year federal prison sentence for his role in operating a similar service.
- Aleksandr Grichishkin, a Russian national, was sentenced to five years for founding and managing a bulletproof hosting network.
- Pavel Stassi of Estonia and Aleksandr Shorodumov of Lithuania were both sentenced to over two years in prison for running a bulletproof hosting operation responsible for cyberattacks on U.S. targets between 2009 and 2015.
- A 33-year-old U.S. citizen from Illinois was previously sentenced for operating DownThem.org and AmpNode.com, two DDoS facilitation websites that also provided bulletproof hosting.
With the latest sanctions against Zservers and its leadership, U.S. authorities are signaling that the crackdown on cybercriminal infrastructure will continue. Law enforcement agencies worldwide remain committed to dismantling the networks that enable ransomware groups to extort businesses, institutions, and government entities.
Help us bring real change! Corporate lobbying has corrupted our system for too long, and it’s time to take action. Please sign and share this petition—your support is crucial in restoring accountability to our government. Every signature counts! Thank you!
https://www.ipetitions.com/petition/restore-our-republic-end-lobbying
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
