NEW DELHI: VPNLab.net, a VPN service provider being misused by ransomware operators and malware actors, was taken down by law enforcement officials from ten nations.
Europol organised the disruptive combined action, which took place on January 17, 2022. It involved law enforcement operations in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States, and the United Kingdom all taking place at the same time.
The law enforcement officers confiscated 15 servers utilised by the VPNLab.net service and pulled down its main website, rendering the platform inoperable.
Cybercriminals utilise VPN (virtual private network) services to conceal their true location and identity, as well as to obscure their online tracks, by routing network traffic across several encryption tunnels.
When compared to ordinary consumer VPN services, solutions for illicit usage are slower and more laborious due to several layers of encryption and bouncing.
VPNLab.net was one of the most established and trustworthy businesses of its kind, having been founded in 2008 and delivering OpenVPN-based technology with 2048-bit encryption for only $60 a year.
Its servers were spread across several nations, allowing it to be close to harmful actors all around the world while still maintaining acceptable performance.
According to Europol official after repeated investigations discovered criminals utilising the VPNLab.net service to support illicit operations such as malware distribution, law enforcement developed an interest in the provider.
Other examples showed the service being used to build up infrastructure and communications for ransomware operations, as well as the actual deployment of malware.
According to a separate news release from the Ukrainian cybercrime police, this service has been utilised in at least 150 ransomware attacks.
VPNLab.net suffered financial losses of at least 60 million Euros ($68.3 million) as a direct result of these activities.
VPNLab.net’s owners and operators have yet to be identified, charged, or arrested. However, as a result of the servers’ confiscation, law enforcement claims to have crucial evidence on that front.
Furthermore, client data held within them will be inspected, which means that the authorities will most likely identify other ransomware affiliates.
Europol will coordinate another similar takedown action against Safe-Inet and Insorg VPN, two service providers renowned for catering to cybercriminal behaviour, in December 2020.
Follow The420.in on