The Register: AUKUS blasts holes in LockBit’s bulletproof hosting provider

Source URL: https://www.theregister.com/2025/02/11/aukus_zservers_lockbit_sanctions/
Source: The Register

Feedly Summary: UK foreign secretary says Putin is running a ‘corrupt mafia state’
One of the bulletproof hosting (BPH) providers used by the LockBit ransomware operation has been hit with sanctions in the US, UK, and Australia (AUKUS), along with six of its key allies.…

Summary: The text discusses the sanctions imposed on the bulletproof hosting provider Zservers for its involvement with the LockBit ransomware operation, emphasizing the global effort to combat cybercrime and enhance national security. This development is significant for cybersecurity professionals and organizations focusing on ransomware threats and the infrastructures supporting them.

Detailed Description:

– **Sanctions Overview**:
  – Zservers, a bulletproof hosting (BPH) provider based in Russia, faced sanctions from the US, UK, and Australia for its connections to the LockBit ransomware group.
  – The company allegedly provided infrastructure used in ransomware attacks, facilitating criminal activities against critical infrastructure.

– **Timeline and Evidence**:
  – The connection between Zservers and LockBit was established in 2022 during a Canadian law enforcement operation, where evidence indicated Zservers was used for hosting chatrooms with ransomware victims.

– **Statements from Officials**:
  – Bradley T. Smith, from the US Treasury, highlighted the reliance of ransomware actors on infrastructure provided by companies like Zservers, indicating the importance of targeting such entities to disrupt cybercriminal operations.
  – UK officials mentioned that the sanctions target illicit actors inside Russia, with Foreign Secretary David Lammy condemning the actions of the Russian state in fostering a cybercriminal environment.

– **Impact of Bulletproof Hosting**:
  – Bulletproof hosting services are designed to be resistant to law enforcement actions, enabling various cybercrimes including ransomware attacks, child exploitation, misinformation, and hate speech.
  – The FCDO claimed that interrupting these services could significantly affect other criminals reliant on hosting services.

– **Key Individuals Sanctioned**:
  – The sanctions list included six individuals linked to Zservers, with notable figures like Alexander Mishin and Aleksandr Bolshakov managing BPH services for ransomware and cryptocurrency transactions related to these attacks.
  – The actions taken imply a coordinated effort by global partners to dismantle infrastructures that support criminal networks.

– **Criminal and Civil Liabilities**:
  – Business dealings with the sanctioned entities may lead to criminal charges under the Sanctions and Anti-Money Laundering Act 2018 in the UK, highlighting the legal consequences of engaging with such providers.

This incident underscores the evolving challenges in cybersecurity, specifically the need for robust measures against BPH services that support ransomware operations. Organizations should continually assess their supply chains and hosting services to mitigate risks associated with cyber threats.