Linked to the 2022 Medibank hack, Zservers faces sanctions from Australia, the US and the UK for supporting cybercriminal activities.
Australia has imposed financial sanctions on five Russian individuals and cybercrime infrastructure providers for enabling illegal activities online.
The Australian Federal Police (AFP) has approved a joint decision by Australia, the US and the UK to sanction Zservers, a cybercrime service provider based in Barnaul, Russia.
Zservers facilitated the Medibank Private data breach in October 2022, which compromised the personal and medical information of millions of customers.
This marks Australia's first cyber sanctions against an entity.
The five sanctioned individuals, Aleksandr Bolshakov (owner of Zservers), Aleksandr Mishin and Ilya Sidorov (senior employees), and Dimitriy Bolshakov and Igor Odintsov (employees), are involved in illegal cyber activities related to Zservers.
Global cybercrime networks disrupted
Zservers acted as a bulletproof hosting (BPH) provider, providing cybercriminals with resilient online infrastructure that is resistant to takedown efforts. Such services allow criminals to operate anonymously, ignoring complaints from victims.
The LockBit ransomware group, a leading cybercrime syndicate, used Zservers to distribute ransomware and extort Australian businesses and individuals.
LockBit was taken down in February 2024 through a Europol-led operation involving law enforcement agencies from 10 countries, including the AFP.
Under the Australian Cyber Sanctions Framework, providing assets to the sanctioned individuals or to Zservers, including cryptocurrency and ransomware payments, is now a criminal offence punishable by up to 10 years in prison and heavy fines. Australian institutions must freeze their associated assets.
Law enforcement expands cybercrime crackdown
According to the AFP, it has worked with the Department of Foreign Affairs and Trade (DFAT) and the Australian Signals Directorate (ASD) to target individuals associated with major cybercrime groups, including Aleksandr Ermakov (Medibank breach), Dmitry Yuryevich Khoroshev (LockBit syndicate), and senior members of “Evil Corp.”
AFP Cyber Command Assistant Commissioner Richard Chin outlined the role of BPH providers in enabling cybercrime.
“Bullet-proof hosting providers protect criminals by refusing to defeat sites that host illegal content despite warnings from law enforcement,” he said.
Parliament urged to strengthen fraud laws
Data from December 2024 shows that the AFP-led Operation Dolos has prevented $83 million in cyber fraud losses since 2020, with over 100 investigations underway.
Under Operation Aquila, AFP and ASD are targeting international ransomware groups.
The AFP’s Joint Policing Cybercrime Coordination Centre (JPC3) also played a key role in Operation Nebula, dismantling LabHost, a phishing-as-a-service platform, leading to five Australian arrests.
In another major initiative, Operation Firestorm pursues an organized crime syndicate behind fraud centres in Southeast Asia and Eastern Europe. Supported by AFP Cybercrime Liaison Officers around the world, the operation led to 250 arrests following an October takedown of a Philippine fraud centre.
The announcement coincides with Assistant Treasurer Stephen Jones’ farewell speech, in which he urged Parliament to pass an anti-scam bill.
“Australians are losing $7 million a day due to fraud. We can do better,” Jones said.
The Fraud Prevention Framework Bill, introduced in November 2024, aims to hold businesses accountable for fraud prevention, increase penalties for non-compliance and enhance consumer protection.