Europol shuts down VPN used by cybercriminal groups

Joint operation seized 15 servers around the world used by VPNLab.net

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

AVPNservice frequently used by cybercriminals to launchransomwareattacks and spreadmalwareonline has been taken down as part of a joint operation betweenEuropoland law enforcement authorities from 10 different countries.

On January 17, disruptive actions took place in a coordinated manner in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine the US and the UK as law enforcement from each country seized or disrupted 15serversused to host VPNLab.net.

Europol’s European Cybercrime Centre (EC3) provided support for the operation through its Analysis Project ‘CYBORG’ which organized over 60 coordination meetings and three in-person workshops while also providing both analytical and forensic support.

Head of the EC3, Edvardas Šileris explained in apress releasehow data gathered in this operation will be used to help Europol find its next target, saying:

“The actions carried out under this investigation make clear that criminals are running out of ways to hide their tracks online. Each investigation we undertake informs the next, and the information gained on potential victims means we may have pre-empted several serious cyberattacks and data breaches.”

A VPN for cybercriminals

First established in 2008, VPNLab.net provided VPN services based onOpenVPNand utilized 2048-bit encryption to provide its customers with online anonymity for as little as $60 per year. In addition to a regular VPN, the site also provided adouble VPNwhere internet traffic would pass through multiple VPN servers before arriving at its destination.

According to Europol, law enforcement first took interest in VPNLab after multiple investigations revealed that cybercriminals were using the service for illicit activities including malware distribution. Meanwhile, other cases showed that the service was used to set up infrastructure and communications behind ransomware campaigns. In apress release, Ukraine’s cyberpolice revealed that VPNLab was used in at least 150 ransomware attacks.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While VPNLab has now been shut down, the owners and operators of the service have yet to be identified, charged or arrested. However, data seized from the service’s servers could hold valuable evidence on who was behind the operation.

At the same time, law enforcement plans to comb through VPNLab’s customer data with the aim of identifying additionalransomware affiliates.

We’ve also featured thebest endpoint security softwareandbest identity theft protection

ViaBleepingComputer

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Is it still worth using Proton VPN Free?

Mozambique VPN usage soars as internet restrictions continue

Black Friday is here: Sony XM5 over-ears drop to their lowest-seen price – act fast!