US OFAC sanctions Russian group over cryptocurrency crimes

• OFAC sanctions Russian companies over crypto use
• Aeza Group linked to ransomware and darknet market
• More than US$350 moved in illicit crypto assets

The US Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions on the Russian group Aeza and three affiliated entities, accusing them of facilitating cybercriminal activities using cryptocurrencies and advanced digital infrastructure. The action, announced Tuesday, aims to combat the use of fail-safe hosting (FHS) services for practices such as ransomware, data theft and illegal trading on the darknet.

🚨 BREAKING: The US Treasury's OFAC sanctions a Russian hosting provider linked to ransomware, infostealers, & darknet drug markets enabling crypto theft.

A major move against infrastructure fueling illicit digital asset activity. 🛑💻 #cybersecurity #crypto #ransomware ... pic.twitter.com/gzbzoZM9zx

According to the US Treasury, Aeza Group acted as a service provider for cybercriminal networks that exploited the anonymity of the blockchain, moving funds through cryptocurrencies such as TRON. One of the addresses linked to the group received more than US$350 in illicit payments. The sanctions also target three related entities: Aeza International Ltd, based in the United Kingdom, Aeza Logistics LLC and Cloud Solutions LLC, both located in Russia.

Four individuals have been named as key operators of the group: Arsenii Penzev, CEO and shareholder; Yurii Bozoyan, general director; Vladimir Gast, technical director; and Igor Knyazev, also a shareholder. Together, they are accused of structuring and maintaining systems that support illegal actions such as the theft of personal credentials, which were then sold on underground internet marketplaces.

Additionally, OFAC noted that Aeza’s infrastructure has been used by organizations such as BlackSprut, a darknet marketplace involved in the trade of fentanyl precursors that has generated over $900 million in revenue. The group has also provided technical support to ransomware operators such as BianLian, Meduza, and Luma, all of which have been linked to cyberattacks and extortion schemes demanding payment in cryptocurrency.

The Treasury Department has reinforced that it will continue to track and block access by malicious actors to the United States financial system, with special attention to the misuse of digital assets by international criminal networks.