UK Exposes Bulletproof Hosting Operator Linked to LockBit and Evil Corp

The UK’s National Crime Agency (NCA), working with international law enforcement agencies, has exposed and sanctioned Alexander Volosovik, also known online as “Yalishanda,” for running a long-standing bulletproof hosting operation that has supported major cybercrime and ransomware groups like LockBit, Evil Corp and BlackBasta.

Volosovik operated under the names Media Land LLC and ML.Cloud LLC, both based in Russia. According to the NCA, his infrastructure gave ransomware gangs and malware operators the tools to carry out cyber attacks that caused serious damage to organisations around the world, from financial losses to disrupted operations.

Bulletproof hosting providers play a behind-the-scenes role in the cybercrime economy. They offer hosting that ignores abuse complaints, hides user identities, and actively resists takedowns by law enforcement. This makes them a valuable service for cybercriminals who want to operate with less risk of being stopped.

The UK’s Foreign, Commonwealth and Development Office (FCDO ...