Europol, the European police coordinating agency, and law enforcement agencies in the US and Canada seized the web domains and server infrastructure of DoubleVPN. Threat actors frequently used the Russian-based virtual private network to hide illicit activity.

According to Europol, servers were seized across the world where DoubleVPN had hosted content, and the web domains were replaced with a law enforcement splash page.

“DoubleVPN was heavily advertised on both Russian and English-speaking underground cybercrime forums as a means to mask the location and identities of ransomware operators and phishing fraudsters,” authorities claim in a press release.

Europol claims that DoubleVPN offered clients multiple layers of protection, which resulted in the service being used to compromise networks worldwide.

“Law enforcement is most effective when working together, and today’s announcement sends a strong message to the criminals using such services: the golden age of criminal VPNs is over. Together with our international partners, we are committed to getting this message across loud and clear,” Edvardas Šileris, the head of Europol’s cybercrime unit, is quoted in the press release.

Reuters reports that the company’s website on Wednesday showed a warning from law enforcement officials saying they had seized the domain, along with information that DoubleVPN kept about its customers.

DoubleVPNs domain was replaced with a law enforcement splash page. Image by Europol.

Response to a gold rush?

A sharp spike in ransomware attacks against businesses worldwide is already dubbed a gold rush by experts in the field. Multiple factors add to the surge in ransomware attacks. However, two critical elements for success stand out.

A global pandemic that forced billions of workers to use unsecured networks and the success of double extortion tactics, employed by ransomware groups. The victim is forced to pay money for stolen data and digital keys that allow continuing operations. For maximum effect, criminals target businesses that have sensitive data and cannot handle halt in operations.

“Ransomware gangs became much more focused and much more targeted, finding their victims in almost every possible industry that showed even the slightest vulnerability, including military, public administration, and, of course, hospitals and emergency services. And if the initial intrusion was successful, cyber-criminals made the most of it,” Ondrej Kubovic, ESETs Security awareness specialist, said during the ESET World 2021 conference this month.

However, law enforcement agencies are trying to address the problem worldwide. This month Ukrainian police reported uncovering a group of hackers who used ransomware software to extort money from foreign businesses, mainly in the United States and South Korea.

Authorities claim that hackers used Cl0p encryption software to decipher stolen data and demanded ransom for the access key.


More from CyberNews:

XXI century mafia: criminal enterprises at the heart of ransomware

New ransomware group Hive leaks Altus group sample files

The evolving ransomware landscape

Multiple US energy firms attacked with ransomware in the past 12 months – report

The rise of makeshift ransomware: what is Epsilon Red and should you worry about it?

Subscribe to our newsletter