The Federal Bureau of Investigation (FBI) and other giant law enforcement agencies found three VPN services that served as safe havens for many online attackers for the past few years.
Miguel Chateloin uses a computer to write code that would allow people living in Cuba to use email to post to blogs during the Hackathon for Cuba event on February 1, 2014 in Miami, Florida. The hackathon brought together experts and programmers to devise innovative technology solutions aimed at strengthening communications and information access in Cuba. The event is organized by Roots of Hope with support from the John S. and James L. Knight Foundation.
The FBI and law enforcement agencies from Germany, the United States, Switzerland, and France already took down the malicious services. These include the domains safe-inet[.]net, insorg[.]org, and their homepages.
These agencies replaced the VPNs with banners, information all the visitors that the services have been seized as part of Operation Nova. The U.S. Department of Justice (DOJ) and Europol explained, during separate press releases, that the three companies' servers were usually used to protect the real identities of ransomware gangs.
These include popular cybercriminal groups, such as Magecart.
The three malicious VPNs
According to TechRadar's latest report, hackers used the three illegal VPN services to operate from behind a proxy network. This site was up to five layers deep, protecting the hackers' online activities from being tracked by security researchers and other agencies.
A participant looks at lines of code on a laptop on the first day of the 28th Chaos Communication Congress (28C3) - Behind Enemy Lines computer hacker conference on December 27, 2011 in Berlin, Germany. The Chaos Computer Club is Europe's biggest network of computer hackers and its annual congress draws up to 3,000 participants.
Also Read: Google and Microsoft Team Up with Facebook to File Charges Against NSO Group, a Spyware Vendor
The FBI confirmed that all the three companies, which had their domains seized, operated bulletproof hosting services. The US Attorney's Office for the Eastern District of Michigan explained the difference of bulletproof hosting from traditional web hosting during the press release.
"A bulletproof hosting service is an online service provided by an individual or an organization that is intentionally designed to provide web hosting or VPN services for criminal activity," said the department via TechRadar.
"These services are designed to facilitate uninterrupted online criminal activities and to allow customers to operate while evading detections by law enforcement," said the agency.
Why you should not use a free VPN service?
Business Insider's previous report explained that people should never use a VPN service, especially if it is offered for free. This service is a tool that allows you to download onto your phone or browser while protecting your online activity. However, security experts explained that if the VPN service is free, there is a high chance that it could end up leaking even more of your personal data instead of protecting your info.
Simon Migliano, head of research at Top10VPN, suggested that consumers should be extremely careful when using VPN services, even if they are free or not.
For more news updates about security breaches, always keep your tabs open here at TechTimes.
Related Article: Facebook Employees Grill Company Stating 'Hypocrisy' Regarding Social Media's Criticism of Apple
This article is owned by TechTimes.
Written by: Giuliano de Leon.
