Dutch police takes down DoubleVPN, a service used by cybercrime groups
In an investigation spearheaded by Dutch police, Europol said it took down this week a service called DoubleVPN that provided virtual private network (VPN) servers and anonymity to cybercriminal gangs.
- The doublevpn.com website was seized on Tuesday, June 29, 2021.
- Dutch police and prosecutors said they used "their hacking powers to penetrate DoubleVPN's infrastructure" in order to take down the service.
- Europol also coordinated an intervention to seize DoubleVPN servers in Canada, Germany, Italy, Bulgaria, Sweden, Switzerland, the US, and the UK.
- Before being taken down, DoubleVPN was often advertised on Russian and English-speaking underground hacking forums.
- The service advertised itself as a mesh of multi-layered VPN connections to allow criminals to access malware backend panels and victim infrastructure without revealing their real IP address.
- The service also claimed it did not store any logs for customer connections.
- DoubleVPN provided its services for monthly fees ranging from $25 to $200.
- Authorities said the service was used to disguise the location of criminal gangs participating in ransomware and phishing attacks.
- The service had a good reputation in the cybercriminal underground before it was taken down this week.
Cybercrime gangs often used DoubleVPN to access their backend panels. Was mentioned in a few underground tutorials on how to maintain good OpSec https://t.co/x5SFTXfugC— Catalin Cimpanu (@campuscodi) June 29, 2021
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.