US Indicts Russian Bulletproof Hosting Operators Over $62 Million Cybercrime Scheme
US authorities have charged operators of a Russian bulletproof hosting network accused of enabling cyberattacks that caused more than $62 million in losses to victims worldwide. Learn what the indictment alleges and its cybersecurity implications.
U.S. federal prosecutors have filed charges against three Russian nationals and two web hosting companies for their alleged involvement in a large-scale cybercrime operation that authorities say enabled hacking campaigns causing tens of millions of dollars in losses to businesses across the United States.
The three Russian citizens — Alexander Volosovik, Kirill Zatolokin, and Yulia Pankova, all based in St. Petersburg — are accused of owning and operating the web hosting providers Media Land and ML. Cloud. According to prosecutors, the companies knowingly supplied cybercriminals and state-sponsored hacking groups with hosting services and infrastructure used to conduct malicious cyber operations.
Although the defendants were initially charged in 2024, the indictment was only unsealed this week. The U.S. Treasury Department had previously imposed sanctions on Media Land and ML. Cloud, alleging that the companies allowed ransomware groups such as LockBit, BlackSuit, and Play to use their infrastructure. Those sanctions prohibit U.S. individuals and businesses from conducting transactions with the accused companies or the Russian nationals connected to them.
According to prosecutors, the hosting platforms were used to facilitate distributed denial-of-service (DDoS) attacks intended to disrupt websites and online services, support phishing campaigns, and enable cyberattacks targeting critical infrastructure throughout the United States.
Authorities allege that hackers relied on the companies’ services to carry out attacks against dozens of businesses across more than 20 U.S. states, generating approximately $62 million in proceeds through cybercriminal activity.
The Justice Department said Media Land and M L.Cloud operated as so-called “bulletproof” hosting providers, offering services specifically designed to protect customers from law enforcement investigations, takedown efforts, and other legal actions that typically disrupt malicious online operations.
The accused operators are considered unlikely to face arrest in the near future because they remain in Russia, where extradition to the United States is uncommon. Russian authorities have historically declined to extradite their citizens. However, international law enforcement agencies have successfully detained high-profile cybercrime suspects when they travelled to countries with which the U.S. maintains extradition agreements.
In a statement, U.S. Assistant Attorney General A. Tysen Duva said the activities of the hosting providers posed a significant threat to Americans and national infrastructure. “Their actions put the American public at risk,” Duva said, adding that the Justice Department will continue working to dismantle cybercrime networks and protect critical infrastructure from cyber threats originating both inside and outside the United States.
What's Your Reaction?
Like
0
Dislike
0
Love
0
Funny
0
Angry
0
Sad
0
Wow
0