JAKARTA - The Dutch National Police and Europol recently confiscated servers and web domains used by DoubleVPN. According to Europol sources, the Russia-based company is suspected of providing a secure operating infrastructure for cybercriminals.
The removal effort was coordinated by Europol's European Cybercrime Center with assistance from Eurojust, an EU agency. The operation was also carried out with assistance from authorities in the US, Canada, Germany, Italy, the UK, Sweden, Bulgaria and Switzerland.
"Servers were seized worldwide where DoubleVPN had hosted content, and web domains were replaced with law enforcement welcome pages. This coordinated removal was carried out within the framework of the European Multidisciplinary Platform Against Criminal Threats," Europol said.
Europol, the police coordinating agency in Europe, and other participating law enforcement departments did not report any arrests made in connection with the takedown of DoubleVPN. The confiscated server locations were also not made public.
"This criminal investigation concerns perpetrators who think they can remain anonymous while facilitating large-scale cybercrime operations," said Dutch Public Prosecutor Wieteke Koorn.
"By taking legal action, including special investigative powers for digital intrusion, we want to make it clear that there is no safe haven for these kinds of criminals," he added.
The Russian company is suspected of trying to operate on both sides of the line separating criminal and legal activity. The cache description the company posted on its website before it was removed advertises DoubleVPN as "a VPN service you can trust. We help you hide your real IP address and encrypt your internet traffic."
Europol notes that the company also markets itself on the darknet, and offers similar services to threat groups.
"DoubleVPN is heavily advertised on Russian and English-language underground cybercrime forums as a means to mask the location and identity of ransomware operators and phishing scammers," Europol said.
“This service is claimed to provide a high level of anonymity by offering its clients single, multiple, triple and even quadruple VPN connections,” said a Europol source.
Europol says DoubleVPN charges just $25 for a VPN connection and alleges that it is being used to harm networks around the world.
With dozens of entities hit by ransomware in recent months, including Colonial Pipeline Co., fighting ransomware attacks has become a top priority for President Joe Biden's administration.
Federal agencies blamed a Russia-based group for the Colonial Pipeline attack, which caused the company to temporarily shut down the 5,500-mile pipeline that serves most of the East Coast and provides 45% of the region's fuel.
At a June 16 summit in Geneva, Biden called on Russian President Vladimir Putin to actively pursue threat groups based in his country. But Putin denied any attacks had come from his country and instead said most were from the US and South America.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
