The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced additional sanctions, this time targeting ransomware and malware providers.
According to OFAC, two individuals and one entity have been sanctioned for targeting Americans. These include First VPN Service (1VPNS), a virtual private network (VPN) provider selling to ransomware groups, and its administrator, Dmytro Rashevskyi. Apparently, 1VPNS mainly services ransomware actors and cybercriminals.
OFAC explains that since 2014, 1VPNS has promoted its services claiming that it does not keep logs of users’ identities or activities, and that it refuses to cooperate with law enforcement.
OFAC is also designating Yegeniy Vladimirovich Silayev, a Belarusian national, who is said to sell “cryptors,” tools used to disguise ransomware and other malware as legitimate programs to prevent security systems from detecting or deactivating them. Rashevskyi is said to have used fake identities, including “Maksim Sorin” and “Roman Chabanenko,” to buy infrastructure from companies.
The sanctions are being coordinated with the UK and the Foreign, Commonwealth & Development Office (FCDO).
In May 2026, 1VPNS’s website was shut down, and other infrastructure was taken down by European law enforcement authorities, with the support of the Federal Bureau of Investigation (FBI).
Any entities that are owned, directly or indirectly, individually or in the aggregate, by one or more blocked persons by 50 percent or more are blocked.