The Justice Department indicted three Russian nationals and their two hosting companies in the Northern District of Ohio, charging conspiracy to commit and aid computer fraud, conspiracy to commit wire fraud, wire fraud and conspiracy to commit money laundering. The indictment, unsealed Tuesday, was actually returned back in 2024, after investigators had spent five years building the case.

Alexander Volosovik, 43, owned Media Land. Yulia Pankova, 29, owned ML.Cloud. Kirill Zatolokin, 34, was charged alongside them on the same counts. All three ran their operation out of St. Petersburg, and prosecutors say their servers powered attacks that hit critical infrastructure in 21 U.S. states and victims in Australia, the EU, the UAE, Canada and the UK, with losses topping $62 million.

This is the government’s core strategy against “bulletproof hosting”: prosecute the landlord, not just the tenant. Media Land and ML.Cloud didn’t write ransomware, they rented the servers and looked away while cybercriminals used the infrastructure. Charging the infrastructure providers directly, rather than chasing individual ransomware affiliates, is the harder case to prove but the one that actually shrinks the market.

The State Department is dangling up to $10 million for information tying the defendants to a foreign government, and the Treasury Department, alongside the UK and Australia, sanctioned Volosovik, Pankova, Zatolokin and their companies in November 2025. None of the defendants are in U.S. custody. Extradition from Russia isn’t happening, so the case now runs on frozen assets and a bounty.

James Okafor