A number of VPN (opens in new tab) platforms have been taken offline after reportedly offering services to cybercriminals.
Three services that provided a safe haven for cybercriminals for more than a decade have been take down as part of a joint operation between law enforcement agencies from the US, Germany, France and Switzerland.
Law enforcement agencies seized the domains insorg[.]org, safe-inet[.]com, and safe-inet[.]net and their homepages have now been replaced with banners telling visitors that the sites have been seized as part of Operation Nova.
- We've put together a list of the best business VPN (opens in new tab) services out there
- These are the best Android VPN (opens in new tab) apps on the market
- Also check out our roundup of the best Windows 10 VPN (opens in new tab) services
In separate press releases, the US Department of Justice and Europol explained that the three companies' servers were routinely used to mask the real identities of ransomware gangs, Magecart (opens in new tab) groups and other cybercriminals.
The three illegal VPN services allowed attackers to operate from behind a proxy network (opens in new tab) that was up to five layers deep so that their online activities couldn't be traced back to them.
All three companies that had their domains seized operated bulletproof hosting (opens in new tab) services according to law enforcement.
The US Attorney’s Office for the Eastern District of Michigan provided further insight on how bulletproof hosting differs from traditional web hosting (opens in new tab) in a press release (opens in new tab), saying:
“A “bulletproof hosting service” is an online service provided by an individual or an organization that is intentionally designed to provide web hosting or VPN services for criminal activity. These services are designed to facilitate uninterrupted online criminal activities and to allow customers to operate while evading detections by law enforcement. A bulletproof hoster’s activities may include ignoring or fabricating excuses in response to abuse complaints made by their customer’s victims; moving their customer accounts and/or data from one IP address, server, or country to another to help them evade detection; and not maintaining logs (so that none are available for review by law enforcement). ”
The operators of these illegal VPNs also used underground hacking forums (opens in new tab) to advertise their services to cybercriminals that wanted to avoid detection online.
While all three domains have now been seized, Europol says that it plans to analyze the data collected from the sites in order to take action against some of the service's users.
- We've also highlighted the best iPhone VPN (opens in new tab)
Via ZDNet (opens in new tab)