In a global joint operation called “Operation Nova” law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre (EC3) have disrupted Safe-Inet, a popular virtual private network (VPN) service used to facilitate criminal activity.
According to the US Department of Justice's and Europol's announcements, the police shut down three domains associated with Safe-Inet — insorg[.]org, safe-inet[.]com, and safe-inet[.]net and seized their infrastructure in Germany, the Netherlands, Switzerland, France and the United States.
A “bulletproof hosting service” is an online service that is intentionally designed to provide web hosting or VPN services for criminal activity.
Safe-Inet has been around for over ten years and was used by cybercrooks to conduct various cybercrime activity, such as ransomware attacks or E-skimming breaches.
“This VPN service was sold at a high price to the criminal underworld as one of the best tools available to avoid law enforcement interception, offering up to 5 layers of anonymous VPN connections,” Europol said.
The European Union's law enforcement agency revealed it identified about 250 companies worldwide that were being spied on by the criminals to launch potential ransomware attacks using the Safe-Inet infrastructure.
Investigations are ongoing in a number of countries to identify and take action against some of Safe-Inet’s users, according to Europol.
In a message on Twitter (provided in both English and Russian) the operators of Safe-Inet said that they are aware of “the problem” and that the service will be restored in the coming days. The description of the Safe-Inet Twitter account says they have been “providing anonymity and security for 11 years.”