UK and EU designate 24 Russian cyber and information-operations targets under sanctions
UK financial institutions must screen and block the 24 newly designated Russian cyber and information-operations targets, freeze their UK assets, and avoid facilitating any ransomware payment to them
- — Sanctions-screening teams at UK banks, payment providers and their correspondent-banking functions must add all 24 designated individuals and entities — including Vyacheslav Stafeyev, Ivan Senin, Ivan Kasyanenko, IMPULS, the Lumma Stealer operators and the 10 Rybar LLC individuals — to name-and-identifier filters before the next funds-transfer cycle, and block or reject matching transactions, since dealing with a designated person breaches UK sanctions on a strict basis.
- — Firms must freeze any UK-jurisdiction funds or economic resources held for the designated parties and refrain from making funds or resources available to them, reporting to OFSI as required — the asset freeze takes effect on listing and applies regardless of transaction size.
- — Incident-response, cyber-insurance and ransom-decisioning teams must screen any prospective ransomware payment against the updated UK Sanctions List, because making or facilitating a payment to a designated person (including via Lumma Stealer-linked or other listed actors) exposes those involved to civil or criminal penalties under OFSI's sanctions-and-ransomware guidance.
- — Sanctions-screening and correspondent-banking teams at UK financial institutions and payment providers
- — Compliance and financial-crime functions responsible for UK Sanctions List screening
- — Incident-response, cyber-insurance and ransom-payment decisioning teams exposed to ransomware payments
- — Effective: 13 July 2026 — the designations apply on listing; UK assets are frozen and dealing prohibitions and ransomware-payment exposure are in force from this date.