23 December 2020

Police shut down bulletproof VPN service used by cybercriminals


Police shut down bulletproof VPN service used by cybercriminals

In a global joint operation called “Operation Nova” law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre (EC3) have disrupted Safe-Inet, a popular virtual private network (VPN) service used to facilitate criminal activity.

According to the US Department of Justice's and Europol's announcements, the police shut down three domains associated with Safe-Inet — insorg[.]org, safe-inet[.]com, and safe-inet[.]net and seized their infrastructure in Germany, the Netherlands, Switzerland, France and the United States.

A “bulletproof hosting service” is an online service that is intentionally designed to provide web hosting or VPN services for criminal activity.

Safe-Inet has been around for over ten years and was used by cybercrooks to conduct various cybercrime activity, such as ransomware attacks or E-skimming breaches.

“This VPN service was sold at a high price to the criminal underworld as one of the best tools available to avoid law enforcement interception, offering up to 5 layers of anonymous VPN connections,” Europol said.

The European Union's law enforcement agency revealed it identified about 250 companies worldwide that were being spied on by the criminals to launch potential ransomware attacks using the Safe-Inet infrastructure.

Investigations are ongoing in a number of countries to identify and take action against some of Safe-Inet’s users, according to Europol.

In a message on Twitter (provided in both English and Russian) the operators of Safe-Inet said that they are aware of “the problem” and that the service will be restored in the coming days. The description of the Safe-Inet Twitter account says they have been “providing anonymity and security for 11 years.”

Back to the list

Latest Posts

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

Cybercriminals use VoIP platforms to target company employees.
19 January 2021
IObit forum hacked in a DeroHE ransomware attack

IObit forum hacked in a DeroHE ransomware attack

It is unknown, how the hackers managed to compromise the forum, but it is possible that they gained access to an administrative account.
19 January 2021
OpenWrt Project discloses data breach

OpenWrt Project discloses data breach

The hackers gained access to an administrator account on the OpenWrt forum and stole a copy of the user list.
19 January 2021
0 дней, 0 часов, 2 минуты, 47 секунд142 дня, 21 час, 21 минута, 18 секунд