A combined law enforcement operation led by the Federal Bureau of Investigation and Europol and including agencies from Germany, France, Switzerland, and the Netherlands has taken down three so-called ‘bulletproof’ VPNs this week, it has been revealed.
The three services in question were insorg.org, safe-inet.com, and safe-inet.net. The law enforcement agencies have seized website domains and server infrastructure for all three VPNs in an operation referred to as Operation Nova.
All three VPNs were well established and had been operating for more than a decade. They are believed to have all been operated by the same individual and all had been heavily advertised on the dark web and on other criminal sites in both English and Russian.
The web domains associated with the three VPNs are now showing the splash page from Europol for domain seizures.
Statements from both Europol and the US Department of Justice claimed that all three sites were “used by some of the world’s biggest cybercriminals” with clients believed to include ransomware operators, criminals involved in web skimming (MageCart), spear phishing operators, and account hijackers.
What is a ‘bulletproof’ VPN
A “bulletproof” VPN is a service that is intentionally designed to provide VPN services to facilitate criminal activity.
Most regular VPNs, such as the ones recommended on this site, will actively discourage criminal activity on their service and some will even remove users off if there is any evidence that they are using the site for criminal activity.
A “bulletproof” VPN actively courts online criminals and tailors a service to meet their needs. The VPNs involved in this operation are believed to have allowed their customers to operate from behind a proxy network up to five layers deep, to give extra online security to cover for their criminal activities.
They actively helped their customers to avoid detection from law enforcement agencies and also provided activities such as ignoring or making up excuses in response to abuse complaints they might receive from victims, moving customer accounts or data from one IP address, server, or country to another, as well as having a genuine no user logs policy.
The pricing structures of these three VPNs also gave a little away about their true nature. Uses could subscribe on a daily basis, with prices ranging from $1.3 a day to $190 a year. There were 39 servers available and also a 24/7 support service if users ever got into any problems with their nefarious activities and needed technical assistance.
According to the statements given by Europol and the Department of Justice, the infrastructure and service provided by these VPNs was used “to compromise networks all around the world.”
They were also reportedly used by “some of the world’s biggest cybercriminals.”
The joint operation to take the three VPNs down was known by the codename Operation Nova. It was coordinated by Europol officials, and led by officers from the German Reutlingen Police Headquarters.
The FBI was responsible for seizing and shutting down the VPNs US-based servers while further servers were seized in five other countries around Europe.
In a message which doesn’t bode well for the criminals that used the service, Europol claimed in their statement that it plans to analyse the collected information from these servers and start cases to identify and take action against some of the services' users.
However, if the no user logs guarantee that these VPNs claimed was genuine, it is likely that the only information they might ascertain is details of those who had accounts with these VPNs and hadn’t signed up anonymously.
These are criminal VPN
It is important to stress that this operation does not blot the copybook of the VPN market more generally.
These are criminal enterprises which appear to have originated in Russia, home to so much of the world’s cybercrime. They were created to serve online criminals and while it is possible they had some genuine users; the vast majority will have been from the criminal fraternity.
Any community can have its bad eggs and the fact that these three VPNs have been taken offline should not reflect ill on those premium VPNs who operated their services in a perfectly legal and law-abiding way.
VPNs are totally legal to use in all but a handful of countries around the world and are recommended by the majority of cybersecurity experts for the privacy and security protections the offer to their users.
Responsible VPN providers do not advocate using their services to conduct criminal activity and neither do we here at VPNCompare.co.uk.
The loss of VPNs run by Russian criminal groups should serve to enhance the reputation of VPNs rather than detract from it.