Law enforcement intercepted VPN traffic, seized domains, and arrested its operator.
Europol announced yesterday the results of the operation against the service, First VPN. The First VPN website now displays a message saying the domain was seized by a joint international law enforcement action.
“A VPN service used by cybercriminals to conceal ransomware attacks, data theft, and other serious offenses has been dismantled in an international operation led by France and the Netherlands, with support from Europol and Eurojust,” the agency said. “For years, the service, known as ‘First VPN,’ was promoted on Russian-speaking cybercrime forums as a trusted tool for remaining beyond the reach of law enforcement. It offered users anonymous payments, hidden infrastructure, and services designed specifically for criminal use.”
Read the article first. They exclusively tailored to criminals on cybercrime forums. If they were shutting down all VPNs which were used by criminals then they would have gone after all.
While performing incident response engagements I’ve seen a lot of criminals using Proton and others, due to them not being purposely designed for criminals they get away with it.
It’s just like when they shut down RedVDS in January.
What’s the difference between a VPN that ensures privacy and a VPN “tailored to criminals”?
Running ads on cybercrime forums and having your marketing language say that you won’t comply with the judiciary.
Are either of those things illegal?