Posted on January 19, 2022 at 5:12 PM

Europol Shuts Down VPNLab.net For Offering For Hackers To Spread Ransomware

Europol announced that it has dismantled the VPNLab.net network which has been accused of assisting hackers to spread malware. According to the agency, VPNLab supplied services to hackers, enabling them to successfully launch their attacks on organizations.

Europol said it seized 15 servers hosted by VPNLab as part of its action against the platform for facilitating threat actors.

The FBI and other law enforcement agencies across Europe also participated in the takedown, which forced the VPN network to go offline on Monday. The website’s homepage has now been replaced by a notice that declared that the domain has been seized.

Europol said VPNLab.net was first launched in 2008 and started offering customers private internet connections. Like other VPN websites, its service includes offering encrypted internet connections to its customers who are looking to stay anonymous while surfing the net. VPNLab offered subscription services of as low as $69.99 for its annual subscribers.

VPNLab Offered Cybercriminals Avenue To Operate 

Before its homepage was taken down, the company stated that its service is designed for a wide range of clients, including businessmen, traders, SEO-optimizers, and webmasters.

However, after law enforcement carried out “multiple investigations” to discover that cybercriminals are using the VPN to hide their criminal activities. More importantly, the operators of the website were deliberately assisting them to mask their activities, which prompted law enforcement to take further actions. Investigations also revealed that VPNLab.net was advertising itself on the dark web, where hackers and other cyber criminals usually buy and sell illegal goods and services.

 “As a result of the investigation, more than one hundred businesses have been identified as at risk of cyberattacks,” Europol noted.

Additionally, law enforcement has to confiscate customer data from the company’s servers, hoping to get more information about the different hackers that allegedly used the service. Europol noted that it will provide more updates regarding the seizure as well as any further information the public needs to know.

Authorities keep discovering more ransomware attacks that were groomed from online services. This has made them more skeptical about VPN providers. As a result, more secret hacking incidents involving these threat actors are being unearthed regularly.

Europol Says It Discovered Several Hacking Tools Used By Threat Actors 

The recent server disruption has affected several countries that have registered users with the VN company. These countries include Canada, France, Germany, Ukraine, Czech Republic, Hungary, Latvia, The Netherlands, the U.K., and the U.S.

The darknet is infamous for providing an avenue for people to engage in cybercriminal activities. It provides several tools and services for bad actors to launch a series of attacks on unsuspecting victims. That is why it is also called the “black market” of the internet.

Europol said during its investigation it discovered several hacking tools some companies have deployed with the help of VPNLab. The association also noted that it was forced to launch an investigation into the activities of VPNLab.com due to the company’s refusal to cooperate with them. As a result, it will be looking into the activities of other VPN operators to try and uncover other similar operations.

The latest discovery has put VPN service providers under scrutiny, as law enforcement may pay more attention to the services they offer to their clients.

Other VPN Service Providers Have Come Under Scrutiny 

Following the success of the takedown of VPNLabs, it’s only a matter of time before other VPN providers will be investigated for any connection to cybercriminals.

Europol noted that the latest seizure shows that service providers will be violating their rights if they fail to provide information on legal requests from law enforcement authorities. Also, if they support illegal actions from their members, they stand the chance of losing their operational license as well as their entire business. The confiscation of VPNLab will serve as a clear enough message to others who may be aiding and abetting cybercriminals in the activities to cause damage to the online community.

Chief of Hanover Police Department, Volker Kluwe, said the operations of the VPN providers will no longer be bulletproof if they are found to be guilty of supporting cyber criminals in any way.

The latest operation also indicates the result of a strong partnership among international law enforcement agencies, enabling them to dismantle a global cybercriminal network and destroy their brands. The operation is coming only days after Russian authorities arrested the members of the notorious REVil ransomware group, successfully ending their menace on corporate and government organizations.