Law enforcement agencies in Europe and the United States have successfully taken down Safe-Inet, a VPN service used by the world’s top cyber criminals to spy on companies worldwide, target them with ransomware attacks, and evade detection by law enforcement agencies.
The operation that resulted in the takedown of Safe-Inet was led by German Police and assisted by Europol and law enforcement agencies from around the world. The operation led to the shutdown of Safe-Inet infrastructure in Germany, the Netherlands, Switzerland, France and the United States.
According to Europol, Safe-Inet was being used by some of the world’s biggest cybercriminals, such as the ransomware operators responsible for ransomware, E-skimming breaches and other forms of serious cyber crime. The VPN service was much sought-after in the world of cyber crime and commanded a huge price tag as it offered up to 5 layers of anonymous VPN connections.
“Law enforcement were able to identify some 250 companies worldwide which were being spied on by the criminals using this VPN. These companies were subsequently warned of an imminent ransomware attack against their systems, allowing them to take measures to protect themselves against such an attack. The service has now been rendered inaccessible,” Europol said.
The VPN Safe-Inet taken down by 🇩🇪 🇫🇷 🇳🇱 🇨🇭 🇺🇸 in an operation supported by #Europol. Safe-Inet was being used by some of the world’s biggest cybercriminals.
Its servers are now offline and more investigations are ongoing.
— Europol (@Europol) December 22, 2020
“The strong working relationship fostered by Europol between the investigators involved in this case on either side of the world was central in bringing down this service. Criminals can run but they cannot hide from law enforcement, and we will continue working tirelessly together with our partners to outsmart them,” said Edvardas Šileris, the head of Europol’s European Cybercrime Centre.
According to the U.S. Department of Justice, operators of Safe-Inet offered “bulletproof hosting services” to cyber criminals via three domains— INSORG.ORG; SAFE-INET.COM; SAFE-INET.NET, all of which were taken down by authorities.
“Much of the criminal activity occurring on the network involved cyber actors responsible for ransomware, E-skimming breaches, spearphishing, and account takeovers. The service’s website offered support in Russian and English languages, at a high price to the criminal underworld. This infrastructure preferred by cybercriminals was used to compromise networks all around the world,” it said.
The takedown of the Safe-Inet infrastructure takes place at a time when Europol and law enforcement agencies have armed themselves with a new decryption platform to analyse legally-obtained data and crack down on organised criminal and cyber criminal gangs.
The decryption platform will be operated solely by Europol’s European Cybercrime Centre (EC3) and it is expected to enable authorities to effectively fight back against organised crime groups, which generate large profits (online fraud), seriously harm victims (online child sexual exploitation) or impact critical infrastructure and information systems in the EU, including through cyber-attacks.