US law enforcement has accused Russian hosting service Zservers of aiding cryptocurrency extortionists.
According to law enforcement, Zservers provided hosting services to the LockBit hacker group, which distributes malware to encrypt victims' data. Thanks to assistance from Zservers employees, the attackers managed to avoid detection and continue their illegal activities.
Zservers administrator Alexander Mishin was also accused of executing transactions related to the extortion of digital assets. According to experts from the research firm Chainalysis, Mishin and other Zservers employees processed cryptocurrency transfers worth at least $5,2 million made by criminals. The key role in cashing out the ransom received by the hackers was allegedly played by the Russian crypto exchange Garantex.
The US, UK and Australian authorities have imposed sanctions on Zservers for collaborating with cybercriminals. In particular, officials have ordered the freezing of the company's assets and financial restrictions. In addition, Zservers has been blocked from accessing the global financial system, and the organization's clients face penalties for using hosting services.
LockBit is considered one of the most widespread cryptocurrency extortion software. The US Department of Justice believes that with the help of this software, attackers have seized digital assets worth more than $100 million and have affected more than 2000 people. The developer of this malware counts Voronezh resident Dmitry Khoroshev, known under the pseudonyms LockBitSupp, LockBit and putinkrab.
