VPNLab.net, a popular VPN service provider that has been taken down by an international law-enforcement operation. According to authorities the VPN allowed threat actors, mostly cyber-criminals to stay anonymous. Reportedly, many of its users were deploying ransomware and other forms of malware against companies.
VPNLab.net was a relatively well established VPN service provider that has been around for years. Since its launch in 2008 the service gained some popularity and was a popular VPN amongst computer enthusiasts. The service was really praised for its unique, double VPN feature, that routes traffic through two servers. This allowed users to stay more anonymous than with a normal VPN service. VPNLab.net was also popular for its low prices, offering their service for under 70$ per year.
Law enforcement agencies from all around the world teamed up to take down the VPN service. The operation was led by Europol, in coordination with the FBI. French, Latvian, Czech, UK, German, Hungarian, and Dutch authorities also took part in the sting. The operation was concluded once all 15 server location used by the service were seized.
A press release made by Europol, stated that VPNLab.net was "popular choice for cyber-criminals". It was also said that these criminals could "use its services to carry on committing their crimes without fear". It was also called a "platform for the anonymous commission of high value cyber-crime". According to the report, many major, international cyber-crimes involved this service. A different statement made by Ukrainian authorities said that the service was used in over 150 ransomware attacks.
After the seizure of the servers, Europol started investigations. It was found that over 150 companies were risk. In a statement, the agency said that these companies had planned attacks against them. Law enforcement quickly notified all the corporations of the potential risks. Their names have not been publicly revealed.
Despite being used by cyber-criminals, many users of the service were still normal people that wanted some extra privacy. This fact created a lot of concerns as this means that other VPN service can be taken down for the same reason. It seems like the authorities will be targeting services that truly value privacy and do not cooperate with law enforcement.
VPN services have been asked multiple times in the past to submit log files to law enforcement. Some VPN services that do not store any logs simply said that it's impossible, while some raised privacy concerns. The sad reality is that many mainstream services do cooperate with such agencies and submit all the logs requested. These logs can be used to see who connected to what server at what time, making it easy to track someone down.
The take down of VPNLab.net is not the first time law enforcement targeted a VPN services, yet it still comes as a surprise. VPNs are not illegal, and are meant to hide ones identity, yet it seems like they can still be targeted for being too good at their job. It is still unclear if the government asked the service to cooperate with it before taking it down.