The Record is reporting Europol takes down VPNLab, a service used by ransomware gangs. An international law enforcement operation has seized the servers of VPNLab.net, a virtual private network provider that advertised its services on the criminal underground and catered to various cybercrime groups, including ransomware gangs.
Europol said it seized 15 servers operated by the VPNLab team in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the US, and the UK. VPNLab had been around since 2008, was built around the OpenVPN technology, used 2048-bit encryption, and offered double VPN anonymized connections for as little as $60/year.
Experts with Shared Assessments and YouAttest offer comments.
<p>Cyber criminals regularly use <span class=\"il\">VPNs</span> because it makes it harder for law enforcement to locate them. Most <span class=\"il\">VPN</span> services are legitimate but are still subject to law enforcement requests for information. In this case, the <span class=\"il\">VPN</span> provider appears to have had a high proportion of criminal actors and may not have been cooperating with law enforcement requests. Facilitating criminality is also often a crime even if they aren\’t directly dirtying their hands. We\’ve seen examples of other seemingly legitimate darknet news sites being taken down because they were receiving advertising commissions from criminal activities even though the rest of the site was seemingly lawful.</p>
<p>Law enforcement are getting smarter with cyber crime and common techniques for hiding actors\’ identities. If you\’re involved in criminality on the darkweb, it is very difficult to hide yourself perfectly – you only need to make one mistake for law enforcement to get you.</p>
<p>The alarming progression in hacking has been the specialization and federation of duties of the hacking groups. In this example, one set of hackers creates the tool for private traffic of the malware. Another group discovers the zero-day flaw and another creates the malware. The specialization of duties aids in the ability of the overall attack and increases the likelihood of success, which is why enterprises need to double down on key concepts of security like zero trust and real time identity governance.</p>
<p>VPN is a powerful tool that protects the confidentiality of data traversing the Internet, as well as conceals one digital location because it masks one\’s IP address. It has become the tool of choice for those either working from home or on the road that needs to secure remotely connect and access company IT assets, including data. Unfortunately, for same the aforementioned reasons, VPN is also a tool that threat actors often use to spread malware and to commit their crimes without much concern with detection by local authorities because of the anonymity they get via VPN services. And when authorities successfully takedown VPN providers that knowingly enable cybercrimes, it disrupts many threat actors relying on such providers for their attacks.</p>