LockBit’s Woes Continue as the Gang Gets Sanctioned by US, UK, and Australia
The United States, in a coordinated effort with Australia and Britain, has taken a significant step in the fight against ransomware. They’ve sanctioned Zservers, a Russian company providing services that helped the notorious LockBit ransomware group evade detection.
This isn’t just about targeting LockBit; it’s about dismantling the infrastructure that supports the Russian Cybercrime Network and their cyberattacks.
The US Treasury’s Office of Foreign Assets Control (OFAC) made the announcement, specifically targeting Zservers for its role in providing specialized servers and infrastructure that allowed LockBit to operate under the radar.
Think of Zservers as a digital safe house, helping LockBit hide from law enforcement.
But the sanctions go further. Two key Zservers administrators, Alexander Mishin and Aleksandr Bolshakov, both Russian nationals, are also facing sanctions. These individuals were instrumental in keeping Zservers operational, making this a direct hit at the heart of the operation.
“Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on US and international critical infrastructure,” explained Bradley Smith, acting Under Secretary of the Treasury for Terrorism and Financial Intelligence.
This joint action builds on previous collaborations. The Treasury noted that it follows similar US, UK, and Australian sanctions against the Evil Corp ransomware group last year. This shows a growing trend of international cooperation in combating cybercrime.
LockBit, a prominent player in the ransomware world, has been a top target for law enforcement. Operation Cronos, a highly publicized effort earlier in 2024, dealt a significant blow to the group.
While LockBit has attempted to regroup, this latest sanction shows continued pressure on its operations and infrastructure. With LockBit Sanctioned, the fight against Russian hackers and their sophisticated cybercrime networks is far from over, but this is a major victory.
The sanctions against Zservers and its administrators represent a crucial step in disrupting the ecosystem that supports these dangerous ransomware operations. The international community is sending a clear message: this kind of activity will not be tolerated.
