This crooked VPN service was collecting user data the whole time
Anonymous VPN for cybercriminals wasn’t that anonymous after all
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A Russian-basedVPNservice that was popular among cybercriminals has been seized by an international law enforcement operation led by the Dutch National Police with support from Europol and Eurojust.
AsreportedbyBleepingComputer,DoubleVPN was commonly used by cybercriminals due to the fact that it offered a double-encryption service to help them evade detection when conducting their illegal activities online.
However, what they didn’t know is that the service was keeping tabs on them in the form of customer logs that were seized along with servers and data from the company.
When using DoubleVPN, requests are encrypted and transmitted to one VPN server and then sent to additional VPN servers before finally connecting to the final destination. This allowed cybercriminals to hid both their real locations and originatingIP addresseswhen launching cyberattacks on both businesses and consumers.
Seized by law enforcement
DoubleVPN’s website is now offline after it was taken down by law enforcement and in its place, there is now awebsite seizure noticethat explains how the VPN’s owners “failed to provide the services they promised”.
While cybercriminals thought they were getting asecure VPNthat would help them stay anonymous, in reality the company was collecting personal information on them as well as logs and statistics on their online activity.
Europol provided further details on how DoubleVPN was marketed to cybercriminals and used to compromise networks worldwide in apress release, saying:
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“DoubleVPN was heavily advertised on both Russian and English-speaking underground cybercrime forums as a means to mask the location and identities of ransomware operators and phishing fraudsters. The service claimed to provide a high level of anonymity by offering single, double, triple and even quadruple VPN-connections to its clients. DoubleVPN was being used to compromise networks all around the world.”
ViaBleepingComputer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
3 reasons why PIA fell in our best VPN rankings
Is it still worth using Proton VPN Free?
I’ve been covering Apple Watch deals for years – This is the one model most people should buy on Black Friday
