DoubleVPN, a Russia-based VPN provider that is known to be popular with cyber-criminals to cover their tracks when launching online attacks, has been seized by a collective of international law enforcement agencies.
The seizure took place yesterday (29th June) and saw law enforcement bodies seize servers and logs from the provider. The DoubleVPN website is also now offline and has been replaced by a page from the agencies involved warning that the domain has been seized.
What is DoubleVPN?
DoubleVPN is a VPN that most VPNCompare readers will be unaware of since it is certainly not a service we would recommend.
It was based in Russia for a start, which is always concerning but particularly of late given that the Russian authorities now require such services to censor content and store data domestically.
DoubleVPN claimed to be super-secure and said that it protected all of its users by double-encrypting their data (as the name suggests). This sounds impressive but it is worth noting that the industry-standard 256-bit AES encryption used by most premium VPNs is already considered uncrackable.
Essentially, they were offering the same double-hop VPN servers that some premium providers like NordVPN also offer their customers as an option.
But with DoubleVPN this was standard across their network, which means users will also have had to deal with the reduced speeds that this feature comes with.
DoubleVPN also claimed to be a no-logs VPN and insisted that it kept no user information and no statistics of what its customers got up to online.
It now appears that this may not have been the case, and the episode serves to emphasise how much a No User Logs Guarantee involves taking the VPN provider on trust, and how valuable independent audits are.
Why did law enforcement bodies target DoubleVPN?
DoubleVPN's double-encryption was an attractive feature for online criminals and hackers and as a result, DoubleVPN had something of a reputation for hosting this type of user.
References to this provider can be easily found on hacker forums and the dark web. The service has also had previous brushes with the law.
Back in 2014, a US lawsuit against an online shop selling counterfeit credit cards cited DoubleVPN as being the service used by at least one of those later convicted in the case.
It probably also didn’t help that DoubleVPN was based in Vladimir Putin’s kleptocratic Russia which, along with Communist China, is responsible for the vast majority of online hacking and cyber-crime, particularly against targets in the west.
How was DoubleVPN taken down?
The DoubleVPN takedown appears to have been a joint operation by US and European law enforcement agencies.
The holding page now placed on the DoubleVPN website features the US Secret Service and Federal Bureau of Investigation (FBI) as well as Europol, EuroJust, Germany's BKA, the Netherlands' Politie, the UK National Crime Agency, the Royal Canadian Mounted Police, Switzerland's Polizia Cantonale, Bulgaria's GDBOP, and the Swedish National Police.
According to Bleeping Computer, which first noticed the change, these law enforcement agencies have now taken control of DoubleVPN's server network as well as their website domain.
They also claim to have seized information from these servers including “personal information, logs and statistics kept by DoubleVPN about all of its customers.”
As if rubbing the noses of DoubleVPN’s users in it, they then went on to say that “DoubleVPN’s owners failed to provide the services they promised.”
There is, as of yet, no firm evidence that they have accessed such information, but it seems highly unlikely that these law enforcement bodies would be making such a claim if it were not true, since they would have little to gain from such a move.
Instead, as they suggest, it seems far more likely that this dodgy VPN provider was keeping user logs, despite claiming that it wasn’t. As we said earlier, this is why independent audits of VPN privacy policies are so important in this day and age.
The statement on the DoubleVPN website concludes by saying “International law enforcement continues to work collectively against facilitators of cybercrime, wherever and however it is committed. The investigation regarding customer data of this network will continue.”
Europol has since issued a press release confirming the takedown and detailing the prior months' work to bring together law enforcement agencies across multiple jurisdictions.
The release confirmed DoubleVPN was in use by “ransomware operators and phishing fraudsters”.
This raises the very real prospect that more dodgy VPN providers that willingly facilitate hacking and other criminal activities on their platforms are likely to be targeted in the fulness of time too.
The lesson for those of us who want to use a VPN for legitimate reasons, such as protecting our online privacy or evading state censorship, is that choosing the right VPN is really important.
Stick to a tried and tested VPN provider and use kosher sites like VPNCompare to read up on your chosen provider and make sure they are the right one for you.
All of the VPN services we recommend on this site are legitimate and if there are ever any security or privacy issues, we will be among the first to draw them to your attention.
And if your VPN provider is based in Russia and talked about in glowing terms on hacker forums, it might be the right time to think about switching to a new one!