US, UK and Australia Hit Bulletproof Hoster Zservers with Sanctions


The UK, US and Australia have announced joint sanctions against a bulletproof hoster (BPH), its UK front company and six individuals for helping notorious ransomware-as-a-service outfit LockBit, and others.

Allegedly headquartered in the Siberian city of Barnaul, Zservers forms a crucial part of the cybercrime supply chain. BPH firms offer takedown-proof, anonymous web hosting services to cybercrime groups for command-and-control (C2) servers, data leak sites, dark web market pages, and much more.

According to the US Treasury, Zservers leased numerous IP addresses to LockBit affiliates to host chat servers, as well as other infrastructure.

“Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on U.S. and international critical infrastructure,” said acting under secretary of the Treasury for terrorism and financial intelligence, Bradley Smith.

“Today’s trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located, to protect our national security.”


The British government also named XHost, a company it said acted as a front for Zservers in the UK, on the sanctions list.

The six Russian men on the list, named solely as “employees” by the government, are:

  • Aleksandr Bolshakov
  • Aleksandr Mishin
  • Ilya Sidorov
  • Dmitriy Bolshakov
  • Igor Odintsov
  • Vladimir Ananev

Mishin is named by the US Treasury as an administrator who marketed Zservers’ BPH services to cybercriminals, while his colleague Bolshakov is said to have helped to switch IP addresses during a ransomware attack, after a complaint by a Lebanese company.

“Putin has built a corrupt mafia state driven by greed and ruthlessness. It is no surprise that the most unscrupulous extortionists and cybercriminals run rampant from within his borders,” said UK foreign secretary, David Lammy.

“This government will continue to work with partners to constrain the Kremlin and the impact of Russia’s lawless cyber underworld. We must counter their actions at every opportunity to safeguard the UK’s national security.”

The action follows Operation Cronos, a large-scale UK-led law enforcement effort last year that largely helped to take down LockBit. It also follows sanctions by the US, UK and Australia last year against Russian outfit Evil Corp.

It remains to be seen how effective these sanctions are, given the sheer number of BPH providers and the fact that most are located in Russia or former Soviet nations. Cybercrime groups like Evil Corp have also rebranded in the past in a bid to avoid sanctions.


