Dec 23, 2020 11:09:00

Cyber criminal purveyor VPN is cut off at once by Europole's 'Operation Nova'

Europol (Europol) is on December 22, 2020, the United States Department of Justice to block the three VPN in collaboration with the (DOJ), et al., Today announced that it has seized the domain. The three VPN services ' insorg.org ', ' safe-inet.com ' and ' safe-inet.net ' that were shut down this time are all said to have been used for illegal purposes such as ransomware operation for more than 10 years. Ransomware.

Cybercriminals' favorite VPN taken down in global action | Europol
https://www.europol.europa.eu/newsroom/news/cybercriminals%E2%80%99-favourite-vpn-taken-down-in-global-action

US LAW ENFORCEMENT JOINS INTERNATIONAL PARTNERS TO DISRUPT A VPN SERVICE USED TO FACILITATE CRIMINAL ACTIVITY | USAO-EDMI | Department of Justice
https://www.justice.gov/usao-edmi/pr/us-law-enforcement-joins-international-partners-disrupt-vpn-service-used-facilitate

Law enforcement take down three bulletproof VPN providers | ZDNet
https://www.zdnet.com/article/law-enforcement-take-down-three-bulletproof-vpn-providers/

Europole was used by cybercriminals on December 22 by 'Operation Nova,' which was being jointly developed with the US DOJ and investigative agencies in Germany, France, Switzerland, and the Netherlands3. Announced successful seizure of two VPN service domains and server infrastructure.

According to IT news site ZDNet, 'insorg.org', 'safe-inet.com' and 'safe-inet.net' seized by Europole and others were active until the 21st. However, at the time of writing the article, the top pages of all three domains have been replaced with the guide 'This domain has been seized.'

According to the DOJ, the domains of the three VPN services seized this time were functioning as '

bulletproof hosting services ' provided primarily for criminal activity. Specifically, ransomware attacks that illegally encrypt the system and demand a ransom, e-skimming that steals credit card information from online shopping sites, spear phishing, which is a phishing scam targeting specific individuals or groups, etc. It turns out that it was running on the VPN that was seized this time.

According to Europol's research, the VPN service was offered at a high price to criminal organizations as the best tool to evade the eyes of law enforcement agencies by providing anonymous VPN connections consisting of up to 5 layers. The service was widely promoted in various criminal communities in English and Russian.

One of the 'safe-inet.com' promotions identified by ZDNet is: Posting on the online bulletin board claims the stability and security of the VPN, and the monthly usage fee from $ 15.83 (about 1639 yen).

The investigation also identified about 250 companies around the world that were the targets of cyber attacks using VPNs, and the investigative authorities have issued warnings to these companies.

'The investigation conducted by our cybercrime experts has been successful due to excellent international cooperation with partners around the world,' said Ud Vogel, chief of the German police headquarters in Reutlingen, who led Operation Nova. The results show that the cooperation of law enforcement agencies in each country is as strong as criminals. '

'Even if a criminal escapes, we can't escape the enforcement of the law,' said Edward Schiller, head of the European Cybercrime Center at Europole. We will continue to take the lead in preempting criminals. We will continue to work tirelessly with our partners, 'he said, stating his enthusiasm for future investigations.