The U.S. Treasury Department has imposed sanctions on the Russia-based Aeza Group, its executives, and their associated cryptocurrency wallets, citing the company's alleged provision of hosting services for ransomware and information stealers.
The Treasury's Office of Foreign Assets Control (OFAC) stated on Tuesday (July 1) that Aeza Group is a "bulletproof" hosting (BPH) service provider suspected of supplying dedicated servers and other computer infrastructure to cybercriminals, assisting them in launching ransomware attacks and stealing sensitive information.
The OFAC sanctions also cover a wallet address holding $350,000 in cryptocurrency, several companies located in Russia and the UK, and four Russian citizens identified as partial owners or executives of Aeza.
Cryptocurrency users frequently fall victim to ransomware and information theft attacks. Blockchain security firm CertiK noted that the total amount of cryptocurrency stolen so far in 2025 has reached $2.1 billion, with most losses stemming from sensitive information, such as cryptocurrency wallet keys, stolen through phishing attacks.
Blockchain analysis firm Chainalysis stated on Tuesday that one of the targets of the OFAC sanctions is a Tron blockchain address, which manages a wallet responsible for processing withdrawals from the Aeza payment processor, transferring funds to multiple cryptocurrency exchanges, and occasionally directly receiving payments from customers for Aeza services.
Chainalysis added, "On-chain analysis and further investigation show that Aeza relies on payment processors to receive payments for hosting services, thereby obscuring the traceability of customer deposits."
Blockchain intelligence company TRM Labs also noted on Tuesday that this cryptocurrency wallet regularly withdraws funds to payment service providers and is linked, through intermediary addresses, to other cybercriminal services and to the sanctioned Russian cryptocurrency exchange Garantex.
OFAC stated that the Aeza Group, based in St. Petersburg, provides BPH services to multiple ransomware and malware gangs, including the operators of Meduza and Lumma information stealers, BianLian ransomware, RedLine information stealer control panels, and the Russian darknet market BlackSprut.
OFAC also sanctioned the so-called "board members" of Aeza, including CEO and partial owner Arsenii Aleksandrovich Penzev, General Manager and partial owner Yurii Meruzhanovich Bozoyan, Chief Technology Officer Vladimir Vyacheslavovich Gast, and another partial owner Igor Anatolyevich Knyazev.
Knyazev has reportedly managed the company since Penzev and Bozoyan were arrested by Russian law enforcement over alleged connections to the illegal darknet market BlackSprut.
These sanctions mean that all U.S. assets associated with Aeza and the aforementioned individuals will be frozen. Individuals within the U.S. are prohibited from engaging in financial transactions or any business dealings with them, and violators will face civil and criminal penalties.
Chainalysis stated that the OFAC sanctions represent "another significant move to combat critical cybercrime infrastructure."
The company pointed out, "By sanctioning bulletproof hosting service providers, the U.S. government is not only tracking individual threat actors after attacks occur but is also targeting the supply chain that fuels large-scale cybercrime."
Meanwhile, TRM Labs stated that targeting companies like Aeza can reduce the "surface area for abuse" and provide "potential pressure points" for law enforcement in the ongoing fight against cybercrime.
Original: “U.S. Sanctions Cryptocurrency Wallets Related to Ransomware and Information Theft”