UK, US, Australia Sanction Russian Cyber Host Media Land

In a significant move to combat global cybercrime, the United Kingdom, United States, and Australia have jointly imposed sanctions against three prominent bulletproof hosting providers and four Russian executives. The targeted companies, Media Land, ML.Cloud, and Aeza Group, are accused of supplying critical infrastructure to ransomware operators and other malicious cyber actors. Alexander Volosovik, also known as Yalishanda, who leads Media Land, is specifically cited for his long-standing support of cybercriminal enterprises. Additional individuals facing sanctions include Yulia Pankova, Kirill Zatolokin, and Andrei Kozlov. The US further sanctioned Hypercore, a UK-registered entity identified as a front for Aeza Group.

Bulletproof hosting services play an essential role in the cybercrime underworld by offering online resources that are deliberately structured to evade law enforcement scrutiny. These providers grant threat actors the digital real estate needed to launch attacks, store stolen data, and manage illicit operations with reduced risk of disruption. The British government estimates that cyber-attacks drained £14.7 billion from the UK economy in 2024, representing approximately half a percent of the nation’s GDP.

The newly sanctioned organizations are believed to have enabled a range of notorious ransomware and malware groups, including Meduza, Lumma Stealer, BianLian, RedLine, LockBit, Play, and BlackSuit. Aeza Group had previously been penalized for supplying bulletproof hosting to the Russian disinformation network Social Design Agency. According to the UK’s National Crime Agency, Alexander Volosovik has been active since at least 2010 and maintains associations with cybercrime syndicates such as Evil Corp, LockBit, and Black Basta.

These coordinated sanctions authorize the seizure of property and business assets located within the US, UK, and Australia. They also severely restrict the ability of these entities to conduct financial transactions through Western banking systems, effectively cutting off their access to legitimate economic channels.

![Image: A symbolic representation of digital security and international cooperation against cybercrime.]

Legal and cybersecurity experts have praised the international action. Wayne Cleghorn, a technology and cybersecurity partner at Excello Law, described the move as a vital use of allied intelligence to dismantle key components of the cybercrime supply chain. He emphasized that cybercrime and cyber-espionage represent a clear and present danger to online safety, e-commerce, intellectual property, and the cost of everyday goods and services. Cleghorn noted that Russia serves as the epicenter for many of the world’s most advanced and persistent cyber gangs, and efforts to eliminate these threats contribute to a safer digital environment for all.

Paul Foster, head of the NCA’s National Cyber Crime Unit, stated that the sanctions will damage the reputation of these companies as reliable safe havens for criminal activity. He explained that services like those provided by Media Land and Aeza Group are fundamental enablers for cybercriminals, and these measures will hinder their capacity to plan, execute, and profit from illegal schemes. Foster added that the action supports broader law enforcement objectives to dismantle the “bulletproof” protection offered by illicit hosting services, thereby weakening the entire cybercrime ecosystem.

In a related development, the Five Eyes intelligence alliance, comprising the UK, US, Australia, Canada, and New Zealand, released updated guidance to assist internet service providers and network defenders in identifying and mitigating malicious activities facilitated by bulletproof hosting providers.

(Source: Info Security)