A VPN service provider being misused by ransomware operators and malware actors - VPNLab.net was taken down by law enforcement officials from ten nations. The domain was seized under the leadership of the Police Headquarters Hannover and the Verden Public Prosecutor‘s Office (Germany).
Europol organised the disruptive combined action on January 17, 2022 and involved law enforcement operations in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States, and the United Kingdom, all taking place at the same time.
The law enforcement officers confiscated 15 servers utilised by the VPNLab.net service and pulled down its main website, rendering the platform inoperable.
Cybercriminals utilise VPN (virtual private network) services to conceal their true location and identity, as well as to obscure their online tracks, by routing network traffic across several encryption tunnels. When compared to ordinary consumer VPN services, solutions for illicit usage are slower and more laborious due to several layers of encryption and bouncing.
VPNLab.net was founded in 2008 and was one of the most established and trustworthy businesses of its kind, delivering OpenVPN-based technology with 2048-bit encryption for only $60 a year. Its servers were spread across several nations, allowing it to be close to harmful actors all around the world while still maintaining acceptable performance.
After repeated investigations, Europol officials discovered criminals utilising the VPNLab.net service to support illicit operations such as malware distribution, law enforcement developed an interest in the provider. Other examples showed the service being used to build up infrastructure and communications for ransomware operations, as well as the actual deployment of malware.
According to a separate news release from the Ukrainian cybercrime police, this service has been utilised in at least 150 ransomware attacks.
VPNLab.net suffered financial losses of at least 60 million Euros ($68.3 million) as a direct result of these activities. Its owners and operators are yet to be identified, charged, or arrested. However, as a result of the servers’ confiscation, law enforcement claims to have crucial evidence on that front.
Europol will coordinate another similar takedown action against Safe-Inet and Insorg VPN, two service providers renowned for catering to cybercriminal behaviour.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
