The US has imposed sanctions against the Russian Bulletproof hosting company Aeza Group

The US Treasury Department has imposed sanctions on Aeza Group, a Russian company that specializes in bulletproof hosting and provides a safe haven for hackers, ransomware groups and drug traffickers. Its UK branches and a number of key employees, including its CEO, CTO and co-owners, were also targeted.

Aeza Group is based in St. Petersburg and provides infrastructure for malware, phishing sites, C2 servers and darknet markets, including BlackSprut, one of the largest illegal drug markets. The company deliberately ignored law enforcement requests and reports of abuse, making it a “safe haven” for attackers.

• Affiliates of Aeza International Ltd. were also targeted. (UK), Aeza Logistic LLC and Cloud Solutions LLC, as well as key individuals Arseniy Penzev, Yuriy Bozoyan, Vladimir Gast and Igor Knyazev. Penzev was already arrested in April 2025 for organizing a criminal group.

In addition, Aeza Group is involved in hosting for well-known malicious campaigns: BianLian, RedLine, Meduza, Lumma, as well as for influential operations such as Doppelganger and Void Rabisu (RomCom RAT), which acted in the interests of the Russian Federation.

Bulletproof hosting (BPH) is a special service for cybercriminals that guarantees no response to complaints. They are often placed in countries with weak legislation or deliberately vague standards. They allow you to run:

• Ransomware infrastructure
• Dark markets and forums
• Botnet management servers
• Phishing and data theft sites

This is a key link in the cybercriminal ecosystem. Sanctions against Aeza Group are a blow not only to the company, but also to the entire architecture of hacking operations. In the fight against ransomware, it is not enough to catch the perpetrators – you need to cut off the infrastructure where they hide. And this is a signal to other providers: ignoring complaints and cooperating with criminals will no longer go unpunished.