The FBI and law enforcement from multiple European countries and Canada have taken down 15 computer servers that were used in “major international cyberattacks,” the law enforcement agencies said this week.
Europol, the European Union’s law enforcement agency, said in a statement that after apprehending the servers, investigators have identified “more than 100 businesses” that were at risk of being hacked by threat actors, including ransomware groups.
The crackdown also targeted a popular virtual private network (VPN) that police say the cybercriminals used to cover their tracks while breaching multiple organizations and trying to extort them.
This is the most recent effort by North American and European police to shut down ransomware groups that have targeted critical infrastructure on both continents. US and European enforcement agencies in October arrested two people in Ukraine who allegedly made multimillion-dollar ransom demands following hacks of European and US organizations.
The 10-country sting announced on Tuesday involved police from Germany, the United Kingdom, and Ukraine. A note from investigators on that date greeted visitors to the website of VPNLab.net (the targeted VPN service) with,”THIS DOMAIN HAS BEEN SEIZED.” The note also said that law enforcement would continue going through the VPN data in an effort to track down the hackers.
“The cybercriminals using this VPN were committing attacks globally,” Europol spokesperson Claire Georges said in an email.
The administrator of a popular Russian and English-language cybercrime forum with over 180,000 registered users has advertised the VPN service since 2009, according to Mark Arena, CEO of cybersecurity firm Intel 471.
This news comes as U.S. officials say they believe Russia has arrested the person responsible for the ransomware attack on a major US pipeline operator last May.