Australia Imposes Sanctions on Russian Cybercriminals

ZServers, linked to the 2022 Medibank hack, faces sanctions from Australia, the US, and UK for aiding cybercriminal activity.
Naziya Alvi Rahman

Australia has imposed financial sanctions on five Russian individuals and a cybercriminal infrastructure provider for enabling unlawful activity online.

The Australian Federal Police (AFP) acknowledged the joint decision by Australia, the United States, and the UK to sanction “ZServers,” a cybercrime service provider based in Barnaul, Russia.

ZServers facilitated the Medibank Private data breach in October 2022, compromising millions of customers’ personal and medical information.

This marks Australia’s first cyber sanction against an entity.

The five sanctioned individuals—Aleksandr Bolshakov (ZServers’ owner), Aleksandr Mishin and Ilya Sidorov (senior employees), and Dimitriy Bolshakov and Igor Odintsov (employees)—have been implicated in illicit cyber activities linked to ZServers.

Global Cybercrime Networks Disrupted

ZServers operated as a bulletproof hosting (BPH) provider, supplying cybercriminals with resilient online infrastructure that is resistant to takedown efforts. Such services allow criminals to operate anonymously while ignoring complaints from victims.

The LockBit ransomware group, a major cybercrime syndicate, used ZServers to distribute ransomware and extort Australian businesses and individuals.

LockBit was disrupted in February 2024 through a Europol-led operation involving law enforcement from 10 countries, including the AFP.

Under Australia’s cyber sanctions framework, providing assets to ZServers or the sanctioned individuals, including via cryptocurrency or ransomware payments, is now a criminal offence punishable by up to 10 years’ imprisonment and heavy fines. Australian institutions must freeze any assets linked to them.

Law Enforcement Expands Cybercrime Crackdown

According to the AFP, it has worked with the Department of Foreign Affairs and Trade (DFAT) and the Australian Signals Directorate (ASD) to target individuals linked to major cybercriminal groups, including Aleksandr Ermakov (Medibank breach), Dmitry Yuryevich Khoroshev (LockBit syndicate), and senior members of “Evil Corp.”

AFP Cyber Command Assistant Commissioner Richard Chin outlined the role of BPH providers in facilitating cybercrime.

“Bulletproof hosting providers protect criminals by refusing to take down sites hosting illegal content despite warnings from law enforcement,” he said.

Parliament Urged to Strengthen Scam Laws

According to December 2024 data, the AFP-led Operation Dolos has prevented $83 million in cyber fraud losses since 2020, with more than 100 investigations ongoing.

Under Operation Aquila, the AFP and ASD have targeted international ransomware groups.

The AFP’s Joint Policing Cybercrime Coordination Centre (JPC3) also played a key role in Operation Nebulae, dismantling the phishing-as-a-service platform LabHost and leading to five Australian arrests.

In another major initiative, Operation Firestorm is pursuing organised crime syndicates behind scam centres in Southeast Asia and Eastern Europe. This operation, supported by AFP cybercrime liaison officers worldwide, follows the October takedown of a Philippine scam centre, which led to 250 arrests.

The announcement coincides with Assistant Treasurer Stephen Jones’ farewell speech, urging Parliament to pass his anti-scam bill.

“Australians are losing $7 million a day to scams, and we can do better,” Jones said.

The Scams Prevention Framework Bill, introduced in November 2024, aims to hold businesses accountable for scam prevention, increase penalties for non-compliance, and strengthen consumer protections.