On the morning of January 17, coordinated acts of disturbance took place in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States and the United Kingdom. Law enforcement agencies confiscated 15 servers hosting the VPNLab.net service, rendering the service unavailable. The Police Directorate’s Central Criminal Investigation Department in Hanover, Germany, is responsible for the act, under the banner IMPACT-project Cybercrime – Attacks on Information Systems.
The provider of choice for cybercriminals
Founded in 2008, VPNLab.net offers services based on OpenVPN technology and 2048-bit encryption to ensure online anonymity for just $60 a year. This makes it popular among cybercriminals, who use the service to continue to commit their crimes without fear that the authorities will find them.
Law enforcement agencies tracked down the provider after several investigations revealed that criminals were using VPNLab.net products to facilitate their illegal practices, such as administering Botnets and distributing Ransomware. Another case shows that the product was also used to set up the infrastructure and communications behind the Ransomware campaign. At the same time, detectives found advertisements for the service on the dark web.
From the results of the investigation, it was revealed that hundreds of companies were at risk of becoming victims of cyber attacks. Law enforcement is currently working with potential victims to make them less vulnerable to attack.
Use VPN services for criminal purposes is getting cornered
Edvardas ileris, Head of Europol’s European Cybercrime Center: ‘The actions that are part of this investigation make it clear that criminals have less and less ways to hide their tracks online. Each survey we conduct provides the following information. The information we collect about possible victims will enable us to prevent a number of serious cyber attacks and data breaches.”
Volker Kluwe, Chief of Police in Hanover, said: “Another important aspect of this action is that we demonstrate that service providers who support illegal practices and refuse to provide information when lawfully requested by law enforcement agencies are not bulletproof. The operation demonstrates that the effective cooperation of international law enforcement agencies allows us to take global networks and destroy these companies.”
Europol’s European Cybercrime Center (EC3) supports the day of action through the ‘CYBORG’ Analysis Project, which organizes more than 60 coordination meetings and three face-to-face workshops. In addition, EC3 provides analytical and forensic assistance. The Joint Cybercrime Action Taskforce (J-CAT) facilitated the exchange of information from Europol’s headquarters in The Hague.
The following authorities took part in this operation:
- Germany: Politiedirectoraat Hanover (Hanover Police Directorate) – Centrale Recherche
- Netherlands: Police, National Unit (National Investigative Service, High Tech Crime Team)
- Canada: Royal Canadian Mounted Police
- Czech Republic: Czech Police (Policie eské Republiky) – Cyber Crime Department
- France: Sub-Directorate of Cybercrime Eradication of the Judicial Police (Sous-Direction de la Lutte Contre la Cybercriminalité la Direction Centrale de la Police Judiciaire (SDLC-DCPJ)
- Hungary: Hungarian Police (Rendőrség)
- Latvia: State Police of Latvia (Valsts Policija) – Central Criminal Investigation Department
- Oekraïne: Oekraïense Nationale Politie (Ukrainian National Police) – Afdeling Cybercrime
- United Kingdom: National Crime Agency
- United States: Federal Bureau of Investigation
- Europol: European Cybercrime Center (EC3)
read here message from Europol.
“Certified introvert. Devoted internet fanatic. Subtly charming troublemaker. Thinker.”