Law enforcement authorities closed in an international collaboration, VPN services that provided safe havens to cybercriminals. These VPN services were used to carry out ransomware attacks, web skimming, spear phishing and account theft.
The virtual private network Safe-Inet (VPN), used by criminals from all over the world, was shut down on December 21, 2020, in a coordinated law enforcement operation led by the German Reutlingen police together with the Europol but also law enforcement services from around the world. Europol issued the announcement for seizure. Today the closed domains display the following message
Safe-net was shut down and its infrastructure was confiscated in Germany, the Netherlands, Switzerland, France and the United States. The three domains seized were insorg.org, safe-inet.com and safe-inet.net. The servers stopped working and the homepage shown above (created by Europol) appeared online immediately after the domain confiscation.
The Safe-Inet domain has been active for over a decade and has been used by some of the biggest cyber criminals, such as ransomware gangs, e-skimming and more.
Administrators were selling the VPN service to cybercriminals as one of the best available if one wanted to avoid detection by the authorities.
The prices were very high because the service offered up to 5 levels of anonymous VPN connections.
Authorities were able to locate about 250 companies worldwide that were spying on criminals using this VPN. These companies have been warned of impending ransomware attacks on their systems so that they can take the necessary precautions.
The following is a list of law enforcement agencies involved:
Germany: Reutlingen Police Headquarters
Netherlands: National Police
Switzerland: Canton Police (Kantonspolizei Aargau)
United States: Federal Bureau of Investigation, FBI
France: Centrale de la Police Judiciaire
Europol: European Cybercrime Center (EC3)