The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against the Russia-based bulletproof hosting service provider, Aeza Group, which has been implicated in facilitating a variety of cybercriminal activities. This includes assisting malicious actors in targeting victims in both Russia and internationally.
The sanctions extend not only to Aeza Group but also to its subsidiaries, including Aeza International Ltd. in the U.K., and Aeza Logistic LLC, Cloud Solutions LLC. Furthermore, four key individuals, including CEO Arsenii Aleksandrovich Penzev and general director Yurii Meruzhanovich Bozoyan, are also subject to these sanctions.
Penzev was previously arrested in April 2025 on charges of leading a criminal organization, hosting the illicit drugs marketplace **BlackSprut** on the dark web. This underscores the significant role bulletproof hosting providers play in enabling various cybercrime ventures. “Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology, and sell black-market drugs,” stated Bradley T. Smith, Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence.
Headquartered in St. Petersburg, Aeza Group has reportedly leased its services to several cybercriminal families, including BianLian, RedLine, Meduza, and Lumma. These groups have specifically targeted U.S. defense industrial base companies and technology firms. A report last July indicated that Aeza’s infrastructure has also been linked to pro-Russian disinformation operations, reflecting the intertwined nature of cybercrime and geopolitical agendas.
In recent months, the U.S. Treasury’s actions have increasingly targeted the ransomware supply chain, with the sanctions against Zservers earlier this year illustrating a comprehensive approach to dismantling cybercriminal infrastructures. As investigation techniques evolve, the focus on sanctioned entities and their operations will play a crucial role in modern cybersecurity strategies.