CyberSecurityBoard
Sponsor Register Login

Bulletproof Hosting Provider Aeza Group Shifting Their Infrastructure to New Autonomous System

Following U.S. Treasury sanctions imposed on July 1, 2025, the notorious bulletproof hosting provider Aeza Group has rapidly migrated its infrastructure to a new autonomous system in an apparent attempt to evade enforcement measures. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated Aeza Group, two affiliated companies, and four individuals for providing bulletproof hosting services that enabled global cybercriminal activity, including ransomware operations, data theft, and darknet drug trafficking. The newly allocated autonomous system, established just ten days before the migration, already contains over 2,100 IP addresses, indicating an unusually rapid operational ramp-up that security experts believe represents a coordinated effort to maintain cybercriminal hosting services under new infrastructure. This enforcement action targeted AS216246 and AS210644, autonomous systems that Silent Push threat analysts had previously identified as bulletproof hosting providers in early 2025. This autonomous system number was allocated on July 10, 2025, to Hypercore LTD, according to Silent Push’s Total View platform data.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 25 Jul 2025 10:35:16 +0000


Cyber News related to Bulletproof Hosting Provider Aeza Group Shifting Their Infrastructure to New Autonomous System

Russian bulletproof hosting service Aeza Group sanctioned by US for ransomware work | The Record from Recorded Future News - Aeza Group is a bulletproof hosting (BPH) services provider, the department said, that allows cybercriminals to avoid law enforcement while renting IP addresses, servers and domains used for disseminating malware, supporting darknet markets and ...
3 weeks ago Therecord.media LockBit
Bulletproof Hosting Provider Aeza Group Shifting Their Infrastructure to New Autonomous System - Following U.S. Treasury sanctions imposed on July 1, 2025, the notorious bulletproof hosting provider Aeza Group has rapidly migrated its infrastructure to a new autonomous system in an apparent attempt to evade enforcement measures. The U.S. ...
19 hours ago Cybersecuritynews.com
Autonomous Vehicles: Driving the Future - The realm of autonomous vehicles presents a fascinating scenario where machines assume control of the wheel, ushering in a new era of transportation. The evolution of autonomous vehicles began quietly in the early days of the automotive industry, ...
1 year ago Securityzap.com
How Autonomous Vehicles are Revolutionizing the Last-Mile Logistics Industry - Cybersecurity will be one of the key concerns as last-mile logistics companies look to enhance efficiency with autonomous vehicles. The growing acceptance of robotaxis is good news for delivery companies who see autonomous vehicles as a tool for ...
1 year ago Cyberdefensemagazine.com
Aeza Group sanctioned for hosting ransomware, infostealer servers - The U.S. Department of the Treasury has sanctioned Russian hosting company Aeza Group and four operators for allegedly acting as a bulletproof hosting company for ransomware gangs, infostealer operations, darknet drug markets, and Russian ...
3 weeks ago Bleepingcomputer.com LockBit BianLian
U.S. Treasury Sanctioned Bulletproof Hosting Provider Used by Ransomware Operator Groups - The company’s bulletproof hosting infrastructure supported notorious ransomware groups, including BianLian operators and hosted command-and-control (C2) panels for the Meduza and Lumma infostealers, which specifically targeted the U.S. defense ...
3 weeks ago Cybersecuritynews.com BianLian
Russian Hackers Using Russia-Based Bulletproof Network to Switch Network Infrastructure - Russian-aligned hacking groups UAC-0050 and UAC-0006 have been observed switching their network infrastructure through bulletproof hosting providers, enabling persistent campaigns against Ukrainian entities and their international allies. The complex ...
3 months ago Cybersecuritynews.com
What is Autonomous System? Types, Roles & ASN Definition - Autonomous Systems form the backbone of modern Internet infrastructure by enabling efficient data exchange across diverse networks managed by various entities worldwide. Autonomous System Numbers (ASNs) are globally unique identifiers assigned to ...
9 months ago Cybersecuritynews.com
Russia arrests CEO of tech company linked to Doppelgänger disinformation campaign | The Record from Recorded Future News - The chief executive of Russian tech company Aeza Group has been arrested in Moscow on suspicion of leading a criminal organization and involvement in large-scale drug trafficking. According to Russian media reports, Bozoyan and fellow Aeza cofounder ...
3 months ago Therecord.media
Meet Ika & Sal: The Bulletproof Hosting Duo from Hell - In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. The Spamdot admins went by the ...
1 year ago Krebsonsecurity.com
Cyberattack on Russian independent media had links to US-sanctioned institute, researchers find | The Record from Recorded Future News - In a report last week, U.S. cybersecurity firm Trustwave revealed that the threat actor known as Blind Eagle used the Russian bulletproof hosting service Proton66 to host various types of malicious content, including phishing pages. The hosting ...
3 weeks ago Therecord.media LockBit
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
9 months ago Securelist.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
9 months ago Cyberdefensemagazine.com Akira
Threat Actor Leaked Data from Major Bulletproof Hosting Medialand - A significant data breach occurred when an unidentified threat actor leaked internal data from Medialand, a major bulletproof hosting (BPH) provider with extensive ties to cybercriminal operations worldwide. ????️ On March 28, 2025, a threat actor ...
3 months ago Cybersecuritynews.com
25 Best Cloud Service Providers (Public and Private) in 2025 - Oracle Cloud offers a variety of services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), to help organizations build, deploy, and run applications in the cloud. Oracle Cloud is a cloud ...
2 months ago Cybersecuritynews.com
DevSecOps: Shifting Security to the Left - This blog explains how Shifting Security to the Left introduces security in the early stages of the DevOps Lifecycle, thus fixing software bugs proactively. Throughout this process, it feels like security has been left behind a little. 'Shifting ...
1 year ago Feeds.dzone.com
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations. The servers were located in the Paul van ...
5 months ago Bleepingcomputer.com LockBit
How To Assess MDR Providers with MITRE ATT&CK Steps - It has become essential for organizations to leverage managed detection and response (MDR) solutions in order to protect their systems and data from the ever-increasing number of cybersecurity threats. However, when assessing potential MDR providers, ...
2 years ago Csoonline.com
Feds Sanction Russian Hosting Provider Over LockBit Attacks - "It is important to acknowledge that although sanctions might impede ransomware operations by targeting their infrastructure, ransomware groups such as LockBit are highly adaptive and well-connected, and will likely have other providers ...
5 months ago Darkreading.com LockBit
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
1 year ago Cisa.gov
In the Trenches of Broadband Policy: 2023 Year In Review - Lawmakers recognized this during the pandemic and set in motion once-in-a-generation opportunities to build the future-proof fiber infrastructure needed to close the digital divide once and for all. Monopolistic internet service providers, with ...
1 year ago Eff.org
CVE-2022-48895 - In the Linux kernel, the following vulnerability has been resolved: ...
7 months ago
Turkish APT Sea Turtle Resurfaces, Spies on Dutch IT Firms - Sea Turtle, a group of hackers aligned with the Turkish government, has returned after going undetected since 2020. Dutch cybersecurity provider, Hunt & Hackett, reported on January 5, 2024, that Sea Turtle has been conducting multiple espionage ...
1 year ago Infosecurity-magazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)