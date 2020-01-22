from the they-should-have-used-a-VPN.-Oh... dept.
Police take down VPN linked to multiple ransomware hits:
The LabVPN virtual private network (VPN) service has been taken offline and its infrastructure seized in a multinational police operation, having allegedly been employed by cyber criminal gangs to support ransomware campaigns.
The Europol-aided operation on 17 January 2022 spanned 10 countries and involved 12 law enforcement agencies. It was led by the Hanover Police Department in Germany and saw 15 servers seized, with the network's UK-based node taken offline by the National Crime Agency (NCA).
The takedown is the result of a two-year investigation prompted by an August 2019 cyber attack on the local administration of Neustadt am Rübenberge, a small town of around 45,000 located near to Hanover.
LabVPN is accused of allowing its service to be used by cyber criminals in both the preparation and execution of ransomware attacks that have caused significant economic damage to many businesses, including in the UK.
The service was set up in 2008 and offered VPN services on the dark web based on OpenVPN technology, backed with 2048-bit encryption for around $60 per annum. This allegedly made it a popular choice for malicious actors.
(Score: 2) by jimtheowl on Friday January 21, @08:43AM (1 child)
I suspect that it was a little more complicated than that.
(Score: 0) by Anonymous Coward on Friday January 21, @11:16AM
It's expensive as hell, i'm surprised they had customers at all.
(Score: 0) by Anonymous Coward on Friday January 21, @10:39AM (1 child)
Looks like all VPNs can now be shut down with a similar excuse.
(Score: 2, Interesting) by khallow on Friday January 21, @12:24PM
It's fruitless to complain that emergencies and criminal/stupid behavior result in excuses for authoritarian action. These things happen over and over again. And my take is that even in the absence of perfidy, sufficiently important emergencies and such would eventually happen to justify almost any level of authority. A better strategy is needed.
I suggest the following as a starting point: 1) transparent description of the emergency and the responses of the authorities, 2) appropriate support at the time - treat as sincere, 3) follow up at a later time to determine whether there was any deception or other dysfunction, 4) penalties for government agents that fail to do their jobs, and 5) standing down from emergency stances and powers as soon as possible.
(Score: 0) by Anonymous Coward on Friday January 21, @04:23PM
So now that we know the cyber security world can relatively easily track down these criminals even through a VPN using high end encryption, are we still going to push for "backdoors" in everything?