EU targets Russian-linked cyber attackers, asset freezes coordinated with UK

EU targets Russian-linked cyber attackers, asset freezes coordinated with UK
Credit: Unsplash

The EU has sanctioned nine Russian individuals and four entities it said were involved in cyber-attacks against the bloc, its member states and international partners.

The measures include an asset freeze and a ban on EU citizens and companies making funds or economic resources available to those listed, the Council of the EU announced on Monday night.

Individuals named in the listings also face a travel ban preventing them from entering or transiting through EU territory.

Among those sanctioned is the “bullet proof hosting” service provider Media Land LLC and its owner, Alexander Volosovik, for facilitating malware attacks that led to financial losses and enabled ransomware and phishing operations targeting critical infrastructure and essential services in EU member states. A sister company, ML.Cloud, was also listed.

The Council also imposed sanctions on Z-Pentest, described as a pro-Russia hacktivist group that has targeted critical infrastructure globally, particularly in the energy and water sectors. Z-Pentest carried out a cyber-attack against a Danish water utility in December 2024.

Two people linked to the group CARR (Cyber Army of Russia Reborn) were also sanctioned: Yuliya Vladimirovna Pankratova, described as Z-Pentest’s leader, and Denis Olegovich Degtyarenko, described as a primary hacker. CARR has run sustained DDoS campaigns since 2022, which involve flooding online services with traffic to disrupt access, and is linked to Russia’s military intelligence agency, the GRU.

GRU-linked listings and malware developers

LLC ‘Impuls’ and its owner, Evgeniy Viktorovich Bashev, were listed for providing technical and material support to cyber-attacks and attempted cyber-attacks conducted by GRU Unit 29155 against the EU and its member states, the Council said.

Bashev is identified as a member of that GRU unit.

Three further individuals were sanctioned over alleged involvement in malware. Maksim Evgeniyevich Voronin and Maksim Alexsandrovich Gordienko were listed for involvement in developing, distributing and selling information-stealing malware known as LummaC2, while Vitaly Nikolayevich Kovalev was listed over development of the malware programmes Trickbot and Conti.

The EU said the sanctions were adopted in close coordination with the UK, marking the first time the EU and the UK have imposed sanctions simultaneously under their respective cyber sanctions regimes.

Separately, the Council listed Ivan Kasyanenko — identified as deputy commander of the GRU’s Special Operations Service — under the EU framework for restrictive measures in response to Russia’s “destabilising actions”.

He was described as a principal organiser and supervisor of GRU Unit 29155 activities linked to Afghanistan, including alleged efforts to provide financial incentives for attacks targeting US and coalition personnel.

Kasyanenko was also linked to operations connected to the 2018 Novichok poisonings of Sergei Skripal and his daughter, as well as to coordination of covert Russian activities in Europe, the management and integration of Wagner Group networks in Africa in 2023, and military-technical cooperation initiatives involving Iran.


Copyright © 2026 The Brussels Times. All Rights Reserved.