Another day, another 🇬🇧 UK-based shell corporation utilized for nefarious purposes: UFO TECHNOLOGIES LIMITED, registered to the pictured address in Ipswich (which houses a co-working space) in February.

spamhaus@infosec.exchange

Another day, another UK-based shell corporation utilized for nefarious purposes: UFO TECHNOLOGIES LIMITED, registered to the pictured address in Ipswich (which houses a co-working space) in February. Its director, Russian national Lenar I. Davletshin, is no stranger to cybercrime investigators; related internet infrastructure and corporate entities have repeatedly been linked to bulletproof hosting. ️

spamhaus@infosec.exchange

The lack of proper vetting of UK corporations' officers details has long been exploited by miscreants (and criticized by investigators).

Thanks to recently strengthened regulation, https://find-and-update.company-information.service.gov.uk/company/17022120/officers proudly notes Davletshin's identity has been verified successfully. What remains to be sorted is the ability of bulletproof hosting operators to successfully establish shell corporations in the UK at all. 🧐

#OSINT #BulletproofHosting #Cybercrime #UK

spamhaus@infosec.exchange

Particularly noteworthy is "Bearhost", a related, long-standing service offering, which shut down on May 9, 2025.

However, it didn't take long for comeback attempts -- at this time, we link active Galeon LLC (AS211663) and aforementioned UFO TECHNOLOGIES LIMITED (AS201738) to this threat actor. Both networks trace back to St. Petersburg, Russia (and are included in our DROP and ASN-DROP lists).
https://www.spamhaus.org/blocklists/do-not-route-or-peer/ ️