Several major VPN services taken offline for reportedly offering illegal services
FBI, Europol and other law enforcement agencies seize domains of three VPNs frequently used by cybercriminals
A number of VPN platforms have been taken offline after reportedly offering services to cybercriminals.
Three services that provided a safe haven for cybercriminals for more than a decade have been take down as part of a joint operation between law enforcement agencies from the US, Germany, France and Switzerland.
Law enforcement agencies seized the domains insorg[.]org, safe-inet[.]com, and safe-inet[.]net and their homepages have now been replaced with banners telling visitors that the sites have been seized as part of Operation Nova.
- We've put together a list of the best business VPN services out there
- These are the best Android VPN apps on the market
- Also check out our roundup of the best Windows 10 VPN services
In separate press releases, the US Department of Justice and Europol explained that the three companies' servers were routinely used to mask the real identities of ransomware gangs, Magecart groups and other cybercriminals.
The three illegal VPN services allowed attackers to operate from behind a proxy network that was up to five layers deep so that their online activities couldn't be traced back to them.
Bulletproof hosting
All three companies that had their domains seized operated bulletproof hosting services according to law enforcement.
The US Attorney’s Office for the Eastern District of Michigan provided further insight on how bulletproof hosting differs from traditional web hosting in a press release, saying:
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“A “bulletproof hosting service” is an online service provided by an individual or an organization that is intentionally designed to provide web hosting or VPN services for criminal activity. These services are designed to facilitate uninterrupted online criminal activities and to allow customers to operate while evading detections by law enforcement. A bulletproof hoster’s activities may include ignoring or fabricating excuses in response to abuse complaints made by their customer’s victims; moving their customer accounts and/or data from one IP address, server, or country to another to help them evade detection; and not maintaining logs (so that none are available for review by law enforcement). ”
The operators of these illegal VPNs also used underground hacking forums to advertise their services to cybercriminals that wanted to avoid detection online.
While all three domains have now been seized, Europol says that it plans to analyze the data collected from the sites in order to take action against some of the service's users.
- We've also highlighted the best iPhone VPN
Via ZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.