U.S. Treasury Department Imposes Sanctions Targeting Sanctions Evasion Network
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has designated individuals and entities for supporting a malicious cyber actor,Aeza,and facilitating sanctions evasion. This action, taken under Executive Order (E.O.) 13694, as amended, aims to disrupt the technical infrastructure used by Aeza, a group known for harmful cyber activities.
Specifically, OFAC designated Zakirov for materially assisting, sponsoring, or providing support to Aeza. Additionally, two companies – Smart Digital Ideas DOO (Smart Digital), a Serbian firm, and Datavice LLC (Datavice), an Uzbek company – were designated as key components in Aeza’s sanctions evasion efforts.Smart Digital was cited for providing material support to Aeza, while Datavice was designated for being owned or controlled by, or acting on behalf of, Aeza. These companies were utilized to establish technical infrastructure deliberately distanced from the Aeza brand to obscure its operations.
The sanctions mean that all property and interests in property of these designated individuals and entities within the United States, or under the control of U.S. persons, are blocked and must be reported to OFAC. Any entity owned 50% or more, directly or indirectly, by these designated parties is also blocked. Transactions by U.S. persons, or within the U.S., involving these blocked parties are generally prohibited unless authorized by a license or exemption.
OFAC warns that financial institutions and other entities engaging in transactions with the sanctioned individuals and companies risk facing sanctions themselves or enforcement action. Prohibited activities include providing any funds, goods, or services to, or receiving them from, the designated parties. Violations can result in both civil and criminal penalties. OFAC’s Economic Sanctions Enforcement Guidelines detail the factors considered when determining responses to potential violations.
OFAC emphasizes that its goal is behavioral change, not punishment, and provides information on the process for seeking removal from the Specially Designated Nationals and Blocked Persons (SDN) List.
Further details on the designations can be found at https://ofac.treasury.gov/recent-actions/20251119.
The Cybersecurity and Infrastructure security agency (CISA), alongside law enforcement and international partners, has also released guidance on mitigating risks associated with bulletproof hosting providers, which are often utilized by malicious cyber actors. This guidance is available at https://www.cisa.gov/resources-tools/resources/bulletproof-defense-mitigating-risks-bulletproof-hosting-providers.
Note: The prompt requested information about United States, Australia, and United Kingdom sanctions. This document only details U.S.sanctions. There is no mention of actions taken by australia or the United Kingdom within the provided text. Thus, I have reported only the information present in the source material.
