The Justice Department on July 14 unsealed an indictment charging three Russian nationals with operating a pair of bulletproof hosting (BPH) services that provided infrastructure and technical cover to at least 17 criminal groups, enabling more than $62 million in losses across hospitals, schools, banks, and government agencies in 21 states.
The defendants, Alexander Alexandrovich Volosovik, 43, Yulia Vladimirovna Pankova, 29, and Kirill Andreevich Zatolokin, 34, all based in St. Petersburg, are accused of running Media Land and ML.Cloud, two companies prosecutors say marketed themselves to ransomware operators by promising to ignore law enforcement takedown requests and victim complaints.
Volosovik, who operated under the alias “Yalishanda,” owned Media Land. Pankova owned ML.Cloud. Zatolokin collected payments and coordinated services with criminal clients, according to the indictment.
The criminal groups alleged to have used Media Land and ML.Cloud infrastructure include LockBit, Cl0p, BlackSuit, and Play, among at least 13 others. BPH services function by leasing servers to cybercriminals while actively resisting disruption efforts, absorbing law enforcement takedown requests and shielding clients from attribution.
The indictment was returned under seal by a federal grand jury in the Northern District of Ohio on December 5, 2024, and unsealed Tuesday after investigators tracked the operation since 2021. All three defendants were charged with conspiracy to commit and aid computer fraud, conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering.
The State Department’s Rewards for Justice program simultaneously posted a reward of up to $10 million for information on “foreign government-linked associates” of the three operators, a framing that signals U.S. investigators are pursuing potential ties to the Russian state beyond the commercial cybercrime charges.
All three defendants remain in Russia and are not expected to face arrest.







