Close Menu
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Iran-Linked MuddyWater Poses as Ransomware Gang to Mask Espionage

June 25, 2026

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

June 24, 2026

Researchers Trick AI Browsers Into Leaking Credentials

June 24, 2026
Facebook X (Twitter) Instagram
Thursday, June 25
Facebook X (Twitter) Instagram Pinterest Vimeo
Cyberwire Daily
  • Home
  • News
  • Cyber Security
  • Internet of Things
  • Tips and Advice
Cyberwire Daily
Home»News»Cybercriminal VPN Dismantled in Europol Crackdown
News

Cybercriminal VPN Dismantled in Europol Crackdown

Team-CWDBy Team-CWDMay 21, 2026No Comments2 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email


A VPN service used by ransomware operators, fraudsters and data thieves to mask their activity has been taken offline in a coordinated operation led by France and the Netherlands.

According to Europol, the law enforcement action ran from May 19 to 20 and resulted in 33 servers being dismantled, three domains being seized and the service’s administrator being interviewed during a house search in Ukraine.

The VPN service had been advertised for years on Russian-language cybercrime forums, marketed as a way to stay invisible to law enforcement. It accepted anonymous payments and ran infrastructure tailored to illicit use.

Embedded in the Cybercrime Ecosystem

Europol said First VPN had appeared in almost every major cybercrime investigation it had supported in recent years. The service let attackers hide where they were operating from while running ransomware campaigns, fraud operations and bulk data theft.

The seized domains include 1vpns.com, 1vpns.net and 1vpns.org alongside associated onion-routed addresses. Investigators have reached out to the service’s users, letting them know they have been identified.

Read more on cybercriminal takedowns: Europol Busts Albanian Scam Call Centers in Major Online Fraud Case

The investigation behind the takedown began in December 2021, with investigators eventually gaining access to the service and obtaining its user database. Cybersecurity firm Bitdefender supported the work through Europol.

Thousands of Users Linked to Active Cases

The intelligence haul has already produced 83 intelligence packages shared with international partners, information on 506 users disseminated globally, and 21 Europol-supported investigations advanced through the data gathered.

Michael Jepson, head of penetration testing at CybaVerse, said the strategic value of takedowns like this lies in the data they generate as much as the immediate disruption.

“These operations often contain large amounts of data on thousands of criminals and threat actors, which authorities can leverage for further investigation and prosecution,” he said.

“The data gathered from this takedown will fuel follow-on investigations into activity conducted via First VPN.”



Source

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleMicrosoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Next Article 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Team-CWD
  • Website

Related Posts

News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

June 24, 2026
News

Researchers Trick AI Browsers Into Leaking Credentials

June 24, 2026
News

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

June 24, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views

Why SOC Burnout Can Be Avoided: Practical Steps

November 14, 20259 Views

Cyber M&A Roundup: Cyber Giants Strengthen AI Security Offerings

December 1, 20258 Views
Stay In Touch
  • Facebook
  • YouTube
  • TikTok
  • WhatsApp
  • Twitter
  • Instagram
Most Popular

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

November 24, 202522 Views

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Securi

September 7, 202517 Views

North Korean Hackers Target Crypto Firms with ClickFix and Zoom Lures

April 29, 202610 Views
Our Picks

When ‘hacking’ your game becomes a security risk

October 17, 2025

What are brushing scams and how do I stay safe?

December 24, 2025

What parents should know to protect their children from doxxing

November 28, 2025

Subscribe to Updates

Get the latest news from cyberwiredaily.com

Facebook X (Twitter) Instagram Pinterest
  • Home
  • Contact
  • Privacy Policy
  • Terms of Use
  • California Consumer Privacy Act (CCPA)
© 2026 All rights reserved.

Type above and press Enter to search. Press Esc to cancel.