
The U.S. Department of the Treasury, in a coordinated effort with Australia and the United Kingdom, has announced sanctions against Zservers, a Russian bulletproof hosting (BPH) provider accused of facilitating LockBit ransomware attacks. The sanctions also target two Russian nationals who are key administrators of Zservers.
Bulletproof hosting providers like Zservers offer services designed to evade law enforcement and cybersecurity measures, enabling cybercriminals to operate with impunity. Zservers has been specifically linked to supporting LockBit, a notorious ransomware group responsible for numerous high-profile attacks, including the November 2023 attack on the Industrial Commercial Bank of China U.S. broker-dealer.
“Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on U.S. and international critical infrastructure,” said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith. “Today’s trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located, to protect our national security.”
Minister of State for Security, Dan Jarvis, said: “Ransomware attacks by Russian-affiliated cybercrime gangs are some of the most harmful cyber threats we face today and the government is tackling them head on. Denying cybercriminals the tools of their trade weakens their capacity to do serious harm to the UK.”
Evidence gathered by law enforcement agencies reveals that Zservers has leased IP addresses and other infrastructure to LockBit affiliates, who used these services to launch and coordinate ransomware attacks. In one instance, Canadian law enforcement discovered a laptop connected to a Zservers IP address running a LockBit malware operation interface.