Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Stark Industries bulletproof-hosting rebrand and asset shift after EU sanctions

Threat Actor Meta
First reported
Last updated
Happening score
H score 18
1 unique sources, 2 articles

Summary

Hide ▲

Stark Industries Solutions Ltd. rebranded and shifted assets after EU sanctions, preserving a bulletproof hosting network tied to cyberattacks and disinformation. The infrastructure moved through the[.]hosting, WorkTitans BV, PQ Hosting Plus S.R.L., and MIRhosting between May and June 2025. The changes appear designed to obfuscate ownership and keep services online. That matters because the network remained able to support abusive hosting despite sanctions.

Related Happenings

FIOD arrests Stark Industries-linked operators and seizes 800 servers

Law Enforcement
First: 22.05.2026 20:24 Last: 22.05.2026 20:24 Sources 1

How related: On May 18, Dutch financial crime investigators arrested Nesterenko and Zinad, and searched three businesses in Enschede and Almere and two data centers in Dronten and Schiphol-Rijk.

About this happening: **FIOD** arrested **two men** and seized **800 servers** tied to **Stark Industries**, escalating a law-enforcement case involving hosting infrastructure used for **cyberattacks**...

Open Happening

European Union sanctions Stark Industries

Regulatory/Legal Action
First: 22.05.2026 20:24 Last: 22.05.2026 20:24 Sources 1

How related: The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia’s intelligence agencies.

About this happening: The **European Union** added **Stark Industries** to its sanctions list, formally restricting a hosting company tied to **cyberattacks** and disinformation support. The move matte...

Open Happening

FCC bans new foreign-made consumer routers

Public Sector Action
First: 25.03.2026 09:11 Last: 25.03.2026 09:11 Sources 1

About this happening: The U.S. Federal Communications Commission banned the import of new foreign-made consumer routers after concluding they pose unacceptable cyber and national security risks to U.S....

Latest development: 26.03.2026 21:48

The FCC's March 23 ban on new foreign-made consumer-grade routers may leave U.S. consumers and small businesses using older devices longer, while businesses replacing network gear could face a more constrained and potentially more expensive market with fewer approved options and longer procurement cycles.

Open Happening

Timeline

  1. 25.05.2026 16:21 1 articles · 2d ago

    Dutch FIOD arrests MIRhosting and WorkTitans owners

    Legal Policy Action Update

    Dutch FIOD arrested Andrey Nesterenko of MIRhosting and Youssef Zinad of WorkTitans BV on May 18, 2026, searched three businesses in Enschede and Almere and two data centers in Dronten and Schiphol-Rijk, and seized laptops, telephones, and more than 800 servers in a sanctions investigation tied to the[.]hosting, MIRhosting, and WorkTitans BV.

    Show sources
    Open in new tab
  2. 11.09.2025 20:40 2 articles · 8mo ago

    Stark rebrands and shifts infrastructure after EU sanctions

    Technical Analysis Update

    After the May 2025 EU sanctions on Stark Industries Solutions Ltd., PQ Hosting, and Yuri and Ivan Neculiti, Stark Industries Solutions Ltd. rebranded to the[.]hosting under the Dutch entity WorkTitans BV (AS209847) on June 24, 2025. Stark address space and other resources were shifted to PQ Hosting Plus S.R.L., and MIRhosting appears to have become the new home for Stark-related infrastructure and the primary beneficiaries of the assets.

    Show sources
    Open in new tab