OFAC, Australia and UK sanction Russia-based bulletproof hosting provider Media Land

The Department of the Treasury’s Office of Foreign Assets Control (OFAC), Australia’s Department of Foreign Affairs and Trade and the United Kingdom’s Foreign, Commonwealth and Development Office said the coordinated action targets Media Land, described as a Russia-based “bulletproof hosting” (BPH) service provider.

OFAC said it is also designating three members of Media Land’s leadership team and three sister companies, and that the action was taken in coordination with the Federal Bureau of Investigation.

OFAC and the United Kingdom also designated Hypercore Ltd., which the release described as a front company of Aeza Group LLC, a BPH service provider that OFAC said it designated earlier in 2025. OFAC said it is also designating two additional individuals and two entities for having led, materially supported, or acted for Aeza Group.

In the release, OFAC described BPH service providers as selling access to specialized servers and other infrastructure designed to evade detection and defy law enforcement efforts to disrupt malicious cyber activities.

OFAC said Media Land LLC, headquartered in St. Petersburg, Russia, has provided BPH services to criminal marketplaces and ransomware actors, including Lockbit, BlackSuit and Play, and that Media Land infrastructure was used in multiple distributed denial-of-service (DDoS) attacks against U.S. victim companies and critical infrastructure.

OFAC also described ML Cloud as a sister company whose technical infrastructure is often used in conjunction with Media Land, including in ransomware and DDoS attacks.

The release identified Aleksandr Volosovik as Media Land’s general director and said he advertised the business on cybercriminal forums under the alias “Yalishanda.” It identified Kirill Zatolokin as a Media Land employee responsible for collecting customer payments and coordinating with other cyber actors.

OFAC also said it is designating Datavice under Executive Order 13694, as amended, for being owned or controlled by, or acting for or on behalf of, Aeza.

OFAC said that, as a result of the action, all property and interests in property of the designated persons that are in the United States or in the possession or control of U.S. persons are blocked and must be reported to OFAC. OFAC added that entities owned 50% or more, directly or indirectly, by one or more blocked persons are also blocked, and that transactions by U.S. persons or within (or transiting) the United States involving blocked persons are generally prohibited unless authorized or exempt.

OFAC also warned that financial institutions and other persons that engage in certain transactions or activities with the sanctioned entities and individuals may expose themselves to sanctions or be subject to an enforcement action.