There’s a solid win for law enforcement in the battle with cybercriminals. Apparently, according to an official Europol statement, law enforcement authorities took action against the criminal misuse of VPN services, as they targeted the users and infrastructure of VPNLab.net. This VPN service has been providing shielded communications and internet access to hackers in various criminal acts, including ransomware deployment.
Europol Closes VPNLab
“On 17 January, disruptive actions took place in a coordinated manner in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States and the United Kingdom. Law enforcement authorities have now seized or disrupted the 15 servers that hosted VPNLab.net’s service, rendering it no longer available,” Europol said. The operation was led by the Central Criminal Office of the Hannover Police Department in Germany, under the EMPACT security framework objective Cybercrime – Attacks Against Information Systems.
More about VPNLab
VPNLab was created in 2008, covering services based on OpenVPN technology and 2048-bit encryption. The VPN’s purpose was to provide service for small fees, such as USD 60 per year. Its service also included the so-called double VPN, with servers located in many different countries. The small fee and variety of services made it a popular choice for cybercriminals, who could use it to perform their crimes without fear of detection by authorities, Europol noted.
VPNLab.net attracted the attention of law enforcement after multiple investigations revealed that cybercriminals were using it to facilitate illegal activities, such as ransomware deployment and malware distribution. In addition to malware delivery, the VPN was also used to set up the infrastructure and communication for ransomware campaigns. The service also advertised itself on the dark web.
“As a result of the investigation, more than one hundred businesses have been identified as at risk of cyberattacks. Law enforcement is working directly with these potential victims to mitigate their exposure,” Europol added.
Here’s a list of the authorities that collaborated in taking down VPNLab:
Germany: Hanover Police Department (Polizeidirektion Hannover) – Central Criminal Office and Verden Public Prosecutor’s Office
Netherlands: The Dutch National Hi-Tech Crime Unit
Canada: Royal Canadian Mounted Police, Federal Policing
Czech Republic: Cyber Crime Section – NOCA (National Organized Crime Agency)
France: Sous-Direction de la Lutte Contre la Cybercriminalité à la Direction Centrale de la Police Judiciaire (SDLC-DCPJ)
Hungary: RSSPS National Bureau of Investigation Cybercrime Department
Latvia: State Police of Latvia (Valsts Policija) – Central Criminal Police Department
Ukraine: National Police of Ukraine (Національна поліція України) – Cyberpolice Department
United Kingdom: The National Crime Agency
United States: Federal Bureau of Investigation
Europol: European Cybercrime Centre (EC3)
- VPN and Windows Flaws Used in Combination in Attacks against Governments
- CVE-2021-22893: Actively Exploited Zero-Day in Pulse Secure VPN Devices
- CVE-2019-7481 VPN Flaw Weaponized by Ransomware Operators