Feb. 11 (UPI) — The U.S. Treasury Department on Tuesday announced a joint effort with Britain and Australia to sanction a Russian-based Internet hosting provider for supporting ransomware operations.

The nations sanctioned Zservers for its role in supporting global ransomware outfits like LockBit, which has forced billions from American companies to regain access to their networks.

LockBit was responsible for the November 2023 attack against the Industrial Commercial Bank of China U.S. broker-dealer. Zservers and other so-called bulletproof hosting services, or BPH, are used to evade detection and law enforcement while breaking into computer infrastructures.

“Ransomware actors and other cybercriminals rely on third-party network service providers like Zservers to enable their attacks on U.S. and international critical infrastructure,” Bradley Smith, the Treasury’s acting under-secretary for terrorism and financial intelligence said.

“Today’s trilateral action with Australia and the United Kingdom underscores our collective resolve to disrupt all aspects of this criminal ecosystem, wherever located, to protect our national security.”

Headquartered in Barnaul, Russia, Zservers has built a reputation as a safe haven for cybercriminals to evade law enforcement investigators. Through that time, the servers provided the means for ransomware attacks in the United States and other countries.

U.S. officials accuse Zservers of subleasing IP addresses and running the programming interface malware used by LockBit and other Russian-related cybercriminals. Zservers likely ran ransomware attacks to continue by assigning new IP addresses to Lockbit users.