‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested

“Users of the criminal service have been notified of the shutdown and informed that they have been identified,” Europol said, noting that information on 506 users was shared internationally.Bitdefender, which was involved in the takedown, pointed out that the 506 users are a subset of First VPN’s customer base, and investigators will determine which of them can be linked to criminal operations.“Some will be traced to known ransomware groups. Others will reveal fraud operations, data theft campaigns, or cybercrime-as-a-service infrastructure we didn’t know existed,” Bitdefendersaid.“New anonymization services will appear. The economic demand hasn’t changed. But each takedown shortens the operational window of the next service and raises the barrier for actors who relied on turnkey solutions,” the cybersecurity firm added. “First VPN advertised itself as a service criminals could trust to keep them beyond law enforcement’s reach. The operation proved that claim wrong, and every actor evaluating the next anonymization service now knows the same risk exists.”Related:Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’Related:RedVDS Cybercrime Service Disrupted by Microsoft and Law EnforcementRelated:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Bitdefender, which was involved in the takedown, pointed out that the 506 users are a subset of First VPN’s customer base, and investigators will determine which of them can be linked to criminal operations.“Some will be traced to known ransomware groups. Others will reveal fraud operations, data theft campaigns, or cybercrime-as-a-service infrastructure we didn’t know existed,” Bitdefendersaid.“New anonymization services will appear. The economic demand hasn’t changed. But each takedown shortens the operational window of the next service and raises the barrier for actors who relied on turnkey solutions,” the cybersecurity firm added. “First VPN advertised itself as a service criminals could trust to keep them beyond law enforcement’s reach. The operation proved that claim wrong, and every actor evaluating the next anonymization service now knows the same risk exists.”Related:Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’Related:RedVDS Cybercrime Service Disrupted by Microsoft and Law EnforcementRelated:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

“Some will be traced to known ransomware groups. Others will reveal fraud operations, data theft campaigns, or cybercrime-as-a-service infrastructure we didn’t know existed,” Bitdefendersaid.“New anonymization services will appear. The economic demand hasn’t changed. But each takedown shortens the operational window of the next service and raises the barrier for actors who relied on turnkey solutions,” the cybersecurity firm added. “First VPN advertised itself as a service criminals could trust to keep them beyond law enforcement’s reach. The operation proved that claim wrong, and every actor evaluating the next anonymization service now knows the same risk exists.”Related:Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’Related:RedVDS Cybercrime Service Disrupted by Microsoft and Law EnforcementRelated:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

“New anonymization services will appear. The economic demand hasn’t changed. But each takedown shortens the operational window of the next service and raises the barrier for actors who relied on turnkey solutions,” the cybersecurity firm added. “First VPN advertised itself as a service criminals could trust to keep them beyond law enforcement’s reach. The operation proved that claim wrong, and every actor evaluating the next anonymization service now knows the same risk exists.”Related:Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’Related:RedVDS Cybercrime Service Disrupted by Microsoft and Law EnforcementRelated:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Related:Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’Related:RedVDS Cybercrime Service Disrupted by Microsoft and Law EnforcementRelated:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Related:RedVDS Cybercrime Service Disrupted by Microsoft and Law EnforcementRelated:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Related:Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.

Source: SecurityWeek