Published in: Uncategorized

US Treasury Freezes Aeza’s $350K Crypto Wallet in Bulletproof-Hosting Crackdown

Author core

Published on: July 2, 2025

The U.S. Treasury Department sanctioned Russia-based Aeza Group for aiding cybercriminal operations and froze a linked cryptocurrency wallet holding over $350,000.

OFAC further named four Aeza Group officials, Penzev, Bozoyan, Gast, and Knyazev, for their roles in the organization.

Notably, Aeza Group, a known bulletproof hosting (BPH) provider, was sanctioned by the Office of Foreign Assets Control (OFAC) for offering secure and anonymous infrastructure to cybercriminals.

The St. Petersburg-based hosting provider has been supporting ransomware groups like BianLian and the info-stealer operators behind RedLine, Lumma, and Meduza.

Two affiliated companies and Aeza International Ltd., a UK-based front company, were sanctioned in coordination with the United Kingdom’s National Crime Agency.

US Treasury Freezes Aeza Crypto Wallet Used to Obfuscate and Move Funds

Bulletproof hosting refers to internet hosting services that provide infrastructure to cybercriminals, offering servers designed to evade detection and resist takedown efforts.

These services are commonly used by ransomware groups, data thieves, and online drug vendors to carry out and hide illegal operations from law enforcement.

According to Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith, “Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology, and sell black-market drugs.”

The Treasury Department further alleges that the platform enabled attacks on U.S. defense and tech firms and aided the Russian darknet drug market BlackSprut.

As part of the sanction, OFAC froze a TRON-based cryptocurrency wallet used by Aeza Group in which Chainalysis revealed to have functioned as a hub for collecting payments, cashing out funds through various exchanges, and occasionally receiving direct customer payments.

The on-chain analysis linked the wallet to over $350,000 in cryptocurrency, with some transactions traced to darknet vendors and malware distributors.

OFAC Efforts to Disrupt Cybercrime Infrastructure

The Treasury’s latest action indicates its continued effort toward dismantling the infrastructure that supports cybercrime, rather than solely pursuing individual hackers after the fact.

“Treasury remains committed to dismantling this ecosystem in close coordination with international partners,” said Bradley T. Smith.

Notably, the OFAC carried out a similar move in February 2025, when it sanctioned ZServers, a known bulletproof hosting provider used by cybercriminals to evade law enforcement.

Also, OFAC sanctions on Aeza Group are not the first time the department has clamped down on Russia-linked crime. On June 12, 2024, OFAC imposed sanctions targeting Russia’s war economy, including restrictions on access to U.S. software and IT services.

The sanction also includes secondary sanctions on foreign firms, particularly Chinese semiconductor suppliers supporting Moscow.

OFAC also sanctioned Russian national Andrey Dmitriyevich Sudakov for allegedly laundering cryptocurrency from gold sales via front companies in the UAE and Hong Kong.

Another notable sanction to curb illicit trades includes OFAC-sanctioned Iranian national Behrouz Parsarad, administrator of the dismantled darknet marketplace Nemesis.

The marketplace facilitated $30 million in illegal drug sales, including fentanyl. Parsarad allegedly tried to revive the platform after its March 2024 takedown.

Notably, the sanctions target his crypto infrastructure, including 44 Bitcoin and five Monero addresses.

The post US Treasury Freezes Aeza’s $350K Crypto Wallet in Bulletproof-Hosting Crackdown appeared first on Cryptonews.