.svg){kind=spacer}
May 26, 2026
In brief
International law enforcement has taken down “First VPN,” a virtual private network service allegedly used by cybercriminals in ransomware, data theft, fraud, and other serious attacks. Authorities seized 33 servers across 27 countries, took control of several clear-web and onion domains, disrupted the service’s infrastructure, identified and questioned a Ukrainian suspect, and conducted a house search in Ukraine. The service had reportedly been marketed on cybercrime forums as a privacy-focused VPN that kept no logs and ignored law enforcement requests.
The investigation began in December 2021 and later became a joint French-Dutch effort, supported by Europol, Eurojust, and investigators from 16 countries. Before the shutdown, investigators infiltrated the VPN infrastructure, collected user data, and identified connections used in criminal activity. Europol said intelligence gathered from the operation exposed thousands of users tied to the cybercrime ecosystem, with information on 506 users and 83 intelligence packages shared internationally to support ongoing and future investigations.
Source: BleepingComputer
