The United States, Australia, and the United Kingdom have imposed sanctions on Zservers, a Russian bulletproof hosting provider, for supporting the notorious LockBit ransomware operation. The sanctions also target two Russian administrators, Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, who facilitated LockBit’s cryptocurrency transactions and operations.

Key Developments:
– Canadian authorities discovered a LockBit control panel linked to Zservers during a 2022 raid
– The UK government sanctioned XHOST Internet Solutions LP (Zservers’ UK front) and four employees
– Sanctions prohibit transactions with designated entities and freeze their assets

Recent LockBit Enforcement Actions:
– US State Department offered rewards up to $10 million for LockBit admin Dmitry Khoroshev
– Additional $15 million reward for information on LockBit operators and affiliates
– Multiple arrests and charges against suspected LockBit members in 2023-2024
– Operation Cronos dismantled LockBit’s infrastructure in February 2024, seizing 34 servers

Impact and Scale:
– LockBit has conducted over 7,000 attacks between June 2022 and February 2024
– Estimated extortion proceeds reach $1 billion
– Notable victims include Bank of America, Boeing, UK Royal Mail, and Italian Internal Revenue Service

The coordinated international action aims to disrupt LockBit’s operations by targeting its infrastructure providers and key personnel, demonstrating increased global efforts to combat ransomware threats.