A Russian-based VPN (opens in new tab) service that was popular among cybercriminals has been seized by an international law enforcement operation led by the Dutch National Police with support from Europol and Eurojust.
As reported (opens in new tab) by BleepingComputer, DoubleVPN was commonly used by cybercriminals due to the fact that it offered a double-encryption service to help them evade detection when conducting their illegal activities online.
However, what they didn't know is that the service was keeping tabs on them in the form of customer logs that were seized along with servers and data from the company.
- We've built a list of the best VPN (opens in new tab) services available
- These are the best Windows 10 VPN (opens in new tab) services for your PC
- Also check out our roundup of the best business VPN (opens in new tab)
When using DoubleVPN, requests are encrypted and transmitted to one VPN server and then sent to additional VPN servers before finally connecting to the final destination. This allowed cybercriminals to hid both their real locations and originating IP addresses (opens in new tab) when launching cyberattacks on both businesses and consumers.
Seized by law enforcement
DoubleVPN's website is now offline after it was taken down by law enforcement and in its place, there is now a website seizure notice (opens in new tab) that explains how the VPN's owners “failed to provide the services they promised”.
While cybercriminals thought they were getting a secure VPN (opens in new tab) that would help them stay anonymous, in reality the company was collecting personal information on them as well as logs and statistics on their online activity.
Europol provided further details on how DoubleVPN was marketed to cybercriminals and used to compromise networks worldwide in a press release (opens in new tab), saying:
“DoubleVPN was heavily advertised on both Russian and English-speaking underground cybercrime forums as a means to mask the location and identities of ransomware operators and phishing fraudsters. The service claimed to provide a high level of anonymity by offering single, double, triple and even quadruple VPN-connections to its clients. DoubleVPN was being used to compromise networks all around the world.”
- We've also featured the best Mac VPN (opens in new tab)
Via BleepingComputer (opens in new tab)