Law enforcement authorities have seized or disrupted the 15 servers that hosted VPNLab.net’s service, used by cybercriminals to distribute malware and deploy ransomware.
Investigators identified more than one hundred businesses as at risk of cyberattacks and are now working directly with these potential victims to mitigate their exposure.
For as little as $60 per year, cybercriminals used the VPN provider’s service to distribute malware, set up infrastructure and communications behind ransomware campaigns, and deploy the ransomware.
“The actions carried out under this investigation make clear that criminals are running out of ways to hide their tracks online. Each investigation we undertake informs the next, and the information gained on potential victims means we may have pre-empted several serious cyberattacks and data breaches,” the Head of Europol’s European Cybercrime Centre, Edvardas Šileris, is quoted in a press release.
Investigators found the service advertised on the dark market itself.
Disruptive actions took place in a coordinated manner in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States, and the United Kingdom. The operation was led by the Central Criminal Office of the Hannover Police Department in Germany.
“One important aspect of this action is also to show that, if service providers support illegal action and do not provide any information on legal requests from law enforcement authorities, that these services are not bulletproof,” Chief of Hanover Police Department Volker Kluwe stated.
VPNLab.net was established in 2008, offering services based on OpenVPN technology and 2048-bit encryption to provide online anonymity for as little as USD 60 per year. The service also provided a double VPN, with servers located in many countries. This made VPNLab.net a popular choice for cybercriminals.
More from CyberNews:
Subscribe to our newsletter