In a coordinated international effort, the United States, the United Kingdom, and Australia have imposed sanctions on Russia-based hosting provider Zservers and its UK-based affiliate, XHOST Internet Solutions LP, for allegedly facilitating cybercrime.
The sanctions, announced on February 11 by the U.S. Treasury’s Office of Foreign Assets Control (OFAC), Australia’s Department of Foreign Affairs and Trade, and the U.K.’s Foreign, Commonwealth & Development Office, impose asset freezes, travel bans, and financial restrictions. These measures effectively cut Zservers off from the global financial system, barring institutions from engaging with the company under threat of penalties.
The regulators accuse Zservers of providing “bulletproof” hosting services—infrastructure that helps cybercriminals evade detection—to LockBit, a notorious ransomware group. They claim that Zservers’ administrators, Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, knowingly helped LockBit affiliates by reassigning infrastructure to avoid law enforcement scrutiny.
Additionally, Mishin is accused of facilitating crypto transactions linked to ransomware operations, including payments for Zservers’ services used by multiple cybercriminal groups. OFAC has also blacklisted cryptocurrency wallets tied to Mishin and three others, further restricting their financial operations.
A recent Chainalysis report revealed that Zservers processed at least $5.2 million in on-chain transactions, with many ransomware affiliates using the service to transfer funds. Garantex, a sanctioned Russian crypto exchange, reportedly played a key role in cashing out these transactions.
LockBit, first detected in 2019, has been linked to high-profile ransomware attacks on corporations and government agencies, including Bangkok Airways, Accenture, and Canadian government services.
This latest enforcement action follows a February 2024 international law enforcement operation involving the Federal Bureau of Investigation (FBI), the UK’s National Crime Agency (NCA), and Europol, which successfully dismantled LockBit’s infrastructure. The U.S. Department of Justice later charged a Russian national for allegedly serving as a developer for the group. Officials say these efforts aim to disrupt cybercriminal financial networks and protect critical infrastructure worldwide.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
