Britain U.S., Australia sanction Russian cybercrime group Media Land

Treasury Secretary Scott Bessent walks with Health and Human Services Secretary Robert F. Kennedy Jr. On Wenesday, the Department of Treasury announced it, along with the United Kingdom and Australia, has sanctioned a Russian cybercrime group. Photo by Bonnie Cash/UPI | License Photo

Nov. 19 (UPI) — Britain, Australia and the United States announced Wednesday that they have made new sanctions against a Russian cybercrime group called Media Land.

The U.S. Department of the Treasury’s Office of Foreign Assets Control, Australia’s Department of Foreign Affairs and Trade, and Britain’s Foreign Commonwealth and Development Office created the sanctions against Media Land and its sister companies: Hypercore Ltd., a front company of Aeza Group LLC; ML Cloud; Media Land Technology; and Data Center Kirishi, the Treasury Department said.

Media Land allegedly operates “bulletproof” hosting services, which enable cybercriminals to engage in ransomware and phishing attacks.

The U.S. Treasury has also sanctioned the top three people who run Media Land and its sister organizations.

Aleksandr Volosovik is the alleged general director of Media Land and has advertised the Media Land business on cybercriminal forums under the alias “Yalishanda.” He has allegedly provided servers and conducted troubleshooting for ransomware and distributed denial-of-service actors.

Kirill Zatolokin is an alleged Media Land employee who collects payment from customers and coordinates with other cyber actors. He also allegedly works closely with Volosovik on Media Land’s overall operations.

Yulia Pankova is allegedly aware of Volosovik’s illicit activity, has helped Volosovik with legal issues, and has handled his finances. OFAC is designating Pankova for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods, and services to or in support of Volosovik.

“These shadowy online networks allow cybercriminals and malicious actors to think they can act with impunity and destroy livelihoods — today’s action … proves otherwise,” the U.K. Foreign Affairs Office’s statement said.

Those using Media Land’s services are responsible for ransomware attacks against the U.K.’s critical national infrastructure including those in the telecommunications sector, as well as malware and phishing campaigns targeting U.K. taxpayers, the statement said.

“These so-called bulletproof hosting service providers like Media Land provide cybercriminals essential services to aid them in attacking businesses in the United States and in allied countries,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence John K. Hurley in a statement. “Today’s trilateral action with Australia and the United Kingdom, in coordination with law enforcement partners, demonstrates our collective commitment to combatting cybercrime and protecting our citizens.”