Technologies like VPN are now susceptible to be used by cyber actors to deploy ransomware and facilitate cybercrimes. Recently, a VPN provider called VPNLab.net was taken offline for being used by malicious hackers to install ransomware into its clients.
Swift action was taken by Europol, grounding 15 of its servers on January 17 over Germany, the Czech, Ukraine, U.K., Hungary, the Netherlands, Canada, Latvia, France, and the U.S rendering its services inoperable.
The tool provides advanced anonymity for its clients through its double VPN connections, where traffic is routed through two VPN servers situated in two different countries instead of one – for a price of only $60/year.
Europol didn’t disclose the names of the companies affected but the seizure of the tool resulted in the identification of at least 100 businesses being at the risk of impending cyberattacks.
Europol stated in press conference that VPNLan.net “provided a platform for the anonymous commission of high value cybercrime cases, and was involved in several major international cyberattacks”, making it an admirable alternative for cybercriminals who could eventuate crimes without fear of detection by local authorities.
The tool caught the glance of the law enforcement once its infrastructure began to be widely used to disseminate malware, as the investigators extracted evidence of the service advertised on the dark web.
Ukraine’s Cyber Police said the VPN service was identified as being utilised in no less than 150 ransomware cases, with a total cost bill of €60 million in payments.
This take-down follows the shutdown of bulletproof VPN service Safe-Inet in December 2020, and the previous takedown of DoubleVPN in June 2021.
The shutdown of VPNLab.net is the most recent effort exerted by the authorities to hone in on VPN providers that have links to crime syndicates and groups.
Edvardas Sileris, the head of Europol’s European Cybercrime Centre (EC3), declared that “the actions carried out under this investigation make clear that criminals are running out of ways to hide their tracks online.”
He further added, “Each investigation we undertake informs the next, and the information gained on potential victims means we may have pre-empted several serious cyberattacks and data breaches.”
For those who use VPN for legitimate purposes, it is important to ensure that the VPN has a good reputation and can stand up to scrutiny in this regard. Credibility is important to assess, and can be done by looking at reviews, consumer review websites and exploring forums to see what sort of reputation a provider has.