Following this announcement, the Department of the Treasury’s Office of Foreign Assets Control (OFAC), Australia’s Department of Foreign Affairs and Trade, and the United Kingdom’s Foreign Commonwealth and Development Office are jointly designating Zservers for its role in supporting LockBit ransomware attacks.
LockBit, a Russia-based ransomware, is one of the most deployed ransomware variants and was responsible for the November 2023 attack against the Industrial Commercial Bank of China US broker-dealer.
Zservers, headquartered in Russia, has advertised BPH services on known cybercriminal forums to evade law enforcement investigations and takedowns, as well as scrutiny from multiple cybersecurity firms. Zservers has provided BPH services, including leasing numerous IP addresses, to LockBit affiliates, who have leveraged the hosting solutions in order to coordinate and launch ransomware attacks.
BPH service providers sell access to specialised servers and other computer infrastructures which are designed to evade detection and defy law enforcement attempts in order to disrupt these malicious activities. OFAC is also designating two Russian nationals who are key administrators of Zservers and have enabled multiple ransomware attacks and other criminal activity. As Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on US and international critical infrastructure, the initiative underscores the collective resolve to disrupt all aspects of this criminal ecosystem in order to protect national security.
As a result, all property and interests in the property of the blocked persons described above that are in the US or in the possession or control of US persons are blocked and must be reported to OFAC. In addition, any entities that are owned, directly or indirectly, individually or in the aggregate, 50% or more by one or more blocked individuals also need to be blocked. Unless authorised by a general or specific license issued by OFAC, or exempt, OFAC’s regulations generally prohibit all transactions by US persons or within the country that involve any property or interests in the property of designated or otherwise blocked persons.
Furthermore, financial institutions and other individuals that engage in certain transactions or activities with the sanctioned entities and individuals may expose themselves to sanctions or be subject to an enforcement action. The prohibitions also include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any designated person, or the receipt of any contribution or provision of funds, goods, or solutions from any such individual. Violations of OFAC regulations may result in civil or criminal penalties.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now