The FBI and police from multiple European countries and Canada have taken down 15 computer servers that were used in “major international cyberattacks,” law enforcement agencies said this week.
Europol, the European Union’s law enforcement agency, said that after seizing the servers, investigators have identified “more than 100 businesses” that were at risk of being hacked by cybercriminals, including ransomware groups.
The crackdown targeted a popular virtual private networking (VPN) service that police say cybercriminals used to cover their tracks while breaching numerous organizations and trying to extort them.
It’s the latest effort by North American and European police to bust ransomware groups that have threatened critical infrastructure on both continents. US and European enforcement agencies in the fall arrested two people in Ukraine who allegedly made multimillion-dollar ransom demands following hacks of European and US organizations.
The 10-country sting announced Tuesday involved police from Germany to the United Kingdom to Ukraine. A note from investigators on Tuesday greeted visitors to the website of VPNLab.net, the targeted VPN service: “THIS DOMAIN HAS BEEN SEIZED.” The note said that law enforcement would continue combing through the VPN data in an effort to track the hackers.
“The cybercriminals using this VPN were committing attacks globally,” Europol spokesperson Claire Georges told CNN in an email.
The administrator of a popular Russian and English-language cybercrime forum with over 180,000 registered users has advertised the VPN service since 2009, according to Mark Arena, CEO of cybersecurity firm Intel 471.
The news comes as US officials say they believe Russia, in a rare move, has arrested the person responsible for the ransomware attack on a major US pipeline operator last May.
Russia has historically been reluctant to curb cybercriminals operating from its soil. It is unclear if the arrest will see the individual, whom US officials have not identified, spend any time behind bars.
