Law Enforcement Disrupts VPN Services Enabling Cybercrime
The United States and international partners shut down three bulletproof hosting services used to facilitate criminal activity.
Global law enforcement agencies have shut down three virtual private network (VPN) services built to help criminals launch ransomware campaigns, phishing attacks, and other illicit activity.
"Operation Nova" was led by the German Reutlingen Police Headquarters, Europol, the FBI, and other agencies around the world. Together, they conducted a coordinated takedown of servers in at least five different countries in addition to seizing domains providing "bulletproof hosting."
Their investigation revealed three domains (insorg.org, safe-inet.com, and safe-inet.net) offered these bulletproof hosting services, which are online services provided by an organization and designed to offer Web hosting or VPN services for criminal activity. Many of these services are advertised on forums where criminals discuss their activity, according to officials.
The appeal of bulletproof hosting services is they let criminals operate uninterrupted. Hosting providers may ignore, or fabricate excuses for, abuse complaints made by a client's victims. They may move a customer's accounts or data from one IP address, server, or country to another to help them evade detection. They don't keep logs that can be used as evidence, either.
"By providing these services, the bulletproof hosts knowingly support the criminal activities of their clients and become co-conspirators in criminal schemes," officials wrote in a release.
Many of the criminals who used the network engaged in ransomware, e-skimming breaches, spear-phishing, and account takeover, they said. The service offered support in both English and Russian, at a high price to its users, who used the service to launch attacks around the world.
Read the full DoJ release for more details.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024