Police Operation Shuts Down First VPN Service Used in Ransomware and Data Theft Attacks
A virtual private network service known as ‘First VPN,’ which was utilized in ransomware and data theft incidents, has been dismantled as a result of a collaborative international law enforcement effort.
Law enforcement agencies have successfully confiscated multiple First VPN servers situated in 27 countries, apprehended the service administrator, and conducted a search at a residence in Ukraine.
The First VPN service was promoted on various cybercrime forums as a privacy-centric VPN that does not retain user data and disregards requests from law enforcement for user information.
VPN tools encrypt user traffic and hide the user's real IP address. Although they are commonly used for legitimate purposes such as protecting privacy on public WiFi, circumventing censorship, reducing tracking, and enabling secure remote work, malicious actors also use them to mask their location and their attack infrastructure.
Depending on the jurisdiction in which they operate, VPN providers may be obligated by law to comply with law enforcement demands and furnish any stored data for criminal inquiries.
According to Europol, the service's name came up in nearly every major cybercrime investigation the agency supported. Europol has confirmed that First VPN's operations have been terminated.
[Image: Seizure notice published on a First VPN website. Source: BleepingComputer]
The investigation into the First VPN service commenced in December 2021 and was spearheaded by authorities from France and the Netherlands, who established a joint investigative team in November 2023.
At some point, investigators gained access to the VPN infrastructure before it was taken down, allowing them to collect traffic data that helped identify the service's users.
“An Operational Taskforce was established at Europol, bringing together investigators from 16 countries to analyze the seized data and coordinate intelligence sharing with international counterparts,” as per Eurojust.
A coordinated international operation carried out between May 19 and 20 targeted the “First VPN” service, resulting in the following actions:
Seizure of 33 servers associated with “First VPN”
Seizure of the domains 1vpns.com, 1vpns.net, 1vpns.org, and related onion domains
Disruption of key infrastructure supporting the service
Identification and interrogation of a suspect in Ukraine
Notifications issued to identified users of the platform
The Dutch police press release confirmed that all First VPN users have been identified and directly notified; specific numbers were not disclosed, and it remains unclear whether legal action will be taken against them.
Europol’s announcement revealed that information on 506 users was shared globally, along with 83 “intelligence packages” that will aid ongoing or upcoming investigations.
“The collated intelligence exposed numerous users linked to the cybercrime ecosystem and yielded operational leads related to ransomware attacks, fraudulent activities, and other serious offenses worldwide,” Europol stated.