The Record is reporting that Europol has taken down VPNLab, a service reportedly used by ransomware gangs. An international law enforcement operation has seized the servers of VPNLab.net, a virtual private network provider that advertised its services on the criminal underground and catered to various cybercrime groups, including ransomware gangs.
Europol said it seized 15 servers operated by the VPNLab team in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the US, and the UK. VPNLab had been around since 2008, was built around the OpenVPN technology, used 2048-bit encryption, and offered double VPN anonymized connections for as little as $60/year.
Experts weighed in on this latest news.
Nasser Fattah, North America Steering Committee Chair, Shared Assessments:
“VPN is a powerful tool that protects the confidentiality of data traversing the Internet, as well as conceals one's digital location because it masks one's IP address. It has become the tool of choice for those either working from home or on the road who need to securely connect remotely and access company IT assets, including data. Unfortunately, for the same aforementioned reasons, VPN is also a tool that threat actors often use to spread malware and to commit their crimes without much concern with detection by local authorities because of the anonymity they get via VPN services. And when authorities successfully take down VPN providers that knowingly enable cybercrimes, it disrupts many threat actors relying on such providers for their attacks.”
Garret Grajek, CEO, YouAttest:
“The alarming progression in hacking has been the specialization and federation of duties of the hacking groups. In this example, one set of hackers creates the tool for private traffic of the malware. Another group discovers the zero-day flaw and another creates the malware. The specialization of duties aids in the ability of the overall attack and increases the likelihood of success, which is why enterprises need to double down on key concepts of security like zero trust and real-time identity governance.”