The Royal Canadian Mounted Police and nine other national police forces dealt a blow to cybercriminals on Monday by shutting down 15 computer servers they used around the world, including one in Quebec.
Posted at 10:36 a.m.
The international strike was aimed at dismantling VPNLab. net, one of the favorite VPN services for hackers, according to authorities. He used in particular three IP addresses located in a server of the French multinational OVH, in Beauharnois, in the suburbs of Montreal, learned La Presse.
VPNs (virtual private networks) are used to hide user identity and location by redirecting internet traffic to other IP addresses and encrypting information. Everyday citizens and organizations concerned about the security of their communications use these services, but VPNLab was particularly popular with hackers.
The RCMP, however, ensures that OVH was unaware that it was used to relay the traffic of cybercriminals. “They cooperated with the investigation. There will be no consequences for them, ”said Mélanie Cappiello, spokesperson for the federal police.
Confiscated homepage
Germany coordinated the international strike, which began shortly after 10 a.m. Monday. It also involved the Netherlands, Czechia, France, Hungary, Latvia, Ukraine, the United Kingdom and the United States.
VPNLab’s web address today leads to a page explaining that authorities shut down the virtual private network site.
“The service has been used to commit high-value cybercrimes and has been involved in several international cyberattacks,” says the text, since the night between Monday and Tuesday.
On its own site, the National Police of Ukraine mentions that VPNLab was used to carry out 150 ransomware attacks and extort the equivalent of 85 million from its victims.
In addition to being used to deploy the viruses, it would also have made it possible to “set up the communication infrastructure” of the pirates, affirms for its part the association of police forces Europol.
VPNLab advertised widely on the hidden web (dark web), particularly on some Russian-speaking forums.
“The police now have access to VPNLab’s servers. net and seized the consumer data they host,” its former homepage, which features the logo of the law enforcement agencies involved, including the RCMP, reads today.
IMAGE FROM THE WEB
The old VPNLab homepage. net now explains that the site was shut down after an intervention by 10 national police forces, including the Royal Canadian Mounted Police.
Another blow for pirates
This new operation against the infrastructure used by cyberpirates came three days after a Russian strike against those of the REvil (or Sodinokibi) gang. At the request of the United States, the country’s security services arrested 14 members of this “organized criminal group” and seized the equivalent of nearly 8.5 million in cryptocurrencies, rubles, US dollars and euros. They also seized about twenty luxury cars “bought with money from the crime”, according to Moscow.
In Quebec, REvil notably hit the car-sharing company Communauto. But above all, these Russian hackers infiltrated the HelpOx computer services firm in Mascouche. Once in its system, they were able to attack several of its customers, such as Celine Dion’s former golf club, Le Mirage, and the Rinox concrete parts factory in Mascouche, paralyzed after the destruction of its data in July 2020.
If the Russians put an end to the activities of REvil, Ukraine also accuses them of being behind a large-scale computer attack last week.
Some 70 sites of institutions in the country have been affected. The hackers posted messages on their sites saying that Ukrainians should “be afraid and expect the worst”. This cyberattack came shortly after negotiations between NATO and Russia broke down over the fate of Ukraine.