Saturday, February 8, 2025
HomeCyber CrimeDoubleVPN Taken Down by Federal Authorities That Was Used by Hackers To...

DoubleVPN Taken Down by Federal Authorities That Was Used by Hackers To Bypass Detection

Published on

SIEM as a Service

Follow Us on Google News

Law enforcement of Europe has seized the servers and log files of DoubleVPN that has been continuously used by Cybercriminals for the double-encryption service to bypass detection

Apart from Europe, the United States and Canada have also seized the domains and servers of DoubleVPN. The security researchers of the Europol agency affirmed that the threat actors have used a virtual private network service as a “safe haven” to conceal their main identity all over the world.

DoubleVPN is a Russian VPN service that generally double-encrypts data that is passing through it, and currently, the cybercriminals are targetting DoubleVPN for the execution of their ill-disposed activities. 

When the service is being used, at that time the requests are encrypted and dispatched to one VPN server, which later gets forwarded to another VPN server, and doing this the hackers can easily accomplish their ultimate goals.

International coordination

The international coordination of law enforcement agencies was done centrally, as this attack has been spreading all around the world.

  • Europol’s European Cybercrime Centre (EC3) 

They have helped in the investigation from the beginning, and they brought together all the countries that were involved in the joint strategy.

  • Eurojust 

They have supported and at the same time served judicial cross-border interaction and coordination, and they guaranteed a satisfactory response in order to take down the network.

Servers & data seized by law enforcement agencies

Initially, the law enforcement had seized the DoubleVPN on 29th June, by claiming that they obtained access to the servers for DoubleVPN and took logs, statistics, and all kinds of personal information of the customers of the service.

The experts also stated that international law enforcement remains to work against facilitators of cybercrime, and will find the details that where and how its attacks were performed. 

Authorities & Agencies participated

The Netherlands:- 

National Police (Politie), National Public Prosecutor’s Office (Landelijk Parket)

Germany:- 

Federal Criminal Police Office (Bundeskriminalamt), Prosecutor General’s Office Frankfurt am Main – Cyber Crime Center

United Kingdom:- 

National Crime Agency (NCA)

Canada:- 

Royal Canadian Mounted Police (RCMP)

United States:- 

Federal Bureau of Investigation (FBI), US Secret Service (USSS), US Department of Justice (DOJ)

Sweden:- 

Swedish Police Authority (Polisen), Swedish Prosecution Authority (Ã…klagarmyndigheten)

Italy:-

State Police (Polizia di Stato, Servizio Polizia Postale e delle Comunicazioni Roma, Compartimento Polizia Postale e delle Comunicazioni Lombardia), Public Prosecutor’s Office of Milan (Procura della Repubblica di Milano)

Bulgaria:- 

General Directorate for the Fight against Organised Crime of the Bulgarian Ministry of Internal Affairs

Switzerland:- 

Cantonal Police Ticino (Polizia Cantonale del Cantone Ticino), Public Prosecutor’s Office Ticino (Ministero Pubblico del Cantone Ticino)

Europol:- 

European Cybercrime Centre (EC3), Eurojust

Moreover, the security analysts and authorities asserted that since this type of attack is engaged in ransomware attacks, that’s why it is very important to stop such threats and attacks. 

So, for this reason, Europol has announced that “The golden age of criminal VPNs is over,” in one of their reports.

Also Read: Cyber Police Seized Bot Farm that used to Send Large Scale Spam Emails

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all...

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...

Cybercriminals Target IIS Servers to Spread BadIIS Malware

A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Pumakit – Sophisticated Linux Rootkit That Persist Even After Reboots

Pumakit is a sophisticated rootkit that leverages system call interception to manipulate file and...

FlowerStorm PaaS Platform Attacking Microsoft Users With Fake Login Pages

Rockstar2FA is a PaaS kit that mimics the legitimate credential-request behavior of cloud/SaaS platforms....

Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins

Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs...