Technology
U.S. charges Russian nationals in ransomware infrastructure crackdown
Federal authorities unsealed an indictment in the Northern District of Ohio charging Alexander Alexandrovich Volosovik, 43, Kirill Andreevich Zatolokin, 34, and Yulia Vladimirovna Pankova, 29, along with Media Land LLC and ML.Cloud LLC, with conspiracy to commit and aid and abet computer fraud, conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering. The companies were headquartered in St. Petersburg, Russia.
Bulletproof hosting is the infrastructure criminals use to keep malicious services online, shield identities, and make takedowns harder, turning a single server company into a force multiplier for ransomware, phishing, malware, and fraud.

The indictment alleges the network caused more than $62 million in victim losses over a seven-year investigation. Victims were located in Ohio, 20 other states, and several countries, with targets including banks, schools, government entities, hospitals, and media companies.
Assistant Attorney General A. Tysen Duva called the defendants' operation criminal infrastructure from an overseas haven that put the public at risk, while the FBI and its partners moved against the core services cybercriminals rely on. The State Department’s Rewards for Justice program offers a reward of up to $10 million and possible relocation assistance for information that can identify the defendants, their associates, or their cyber activity.

The State Department imposed sanctions in November 2025 against the indicted defendants and companies. The State Department identified Media Land as a bulletproof hosting company that supported criminal marketplaces and ransomware actors including LockBit, BlackSuit, and Play. On February 11, 2025, the United States, United Kingdom, and Australia sanctioned Zservers, another Russia-based bulletproof hosting provider, for supporting LockBit attacks.
Sources
- [1]justice.gov
- [2]state.gov
- [3]fbi.gov