Police seize “First VPN” service used in ransomware, data theft attacks
BleepingComputer • • world
Key Points:
- The virtual private network service "First VPN," commonly used in ransomware and data theft attacks, has been taken offline through a coordinated international law enforcement operation involving 27 countries.
- Authorities seized 33 servers, multiple domain names, disrupted key infrastructure, arrested the administrator in Ukraine, and conducted a house search as part of the crackdown.
- First VPN was advertised as a privacy-focused service that did not log user data or comply with law enforcement, but investigators infiltrated its infrastructure, collected user data, and identified cybercriminal connections.
- Europol and Eurojust coordinated efforts with 16 countries, sharing intelligence on 506 identified users and 83 intelligence packages to support ongoing investigations into cybercrime activities.
- The operation exposed thousands of users linked to cybercrime, generating leads related to ransomware, fraud, and other serious offenses, with all First VPN users notified though further legal actions remain unclear.