Stimulus Check Up | Apr 8, 2022 | 0
DoubleVPN servers, logs, and account info seized by law enforcement
Law enforcement has seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities.
DoubleVPN is a Russian-based VPN service that double-encrypts data sent through their service.
When using the service, requests are encrypted and transmitted to one VPN server, which sends it to another VPN server, which finally connects to the final destination, as shown below.
Threat actors commonly use this service to obfuscate their locations and originating IP addresses when performing cyberattacks.
Servers and data seized by law enforcement
The doublevpn.com [archive.org] website was seized today by law enforcement, who stated that they gained access to the servers for DoubleVPN and took personal information, logs, and statistics for the service’s customers.
“On 29th of June 2021, law enforcement took down DoubleVPN. Law enforcement gained access to the servers of DoubleVPN and seized personal information, logs and statistics kept by DoubleVPN about all of its customers. DoubleVPN’s owners failed to provide the services they promised,” says the now-seized doublevpn.com website.
“International law enforcement continues to work collectively against facilitators of cybercrime, wherever and however it is committed. The investigation regarding customer data of this network will continue.”
Europol has confirmed to BleepingComputer that the seizure message is legitimate and that they will be providing more information about the operation tomorrow.
While no further information is available at this time, the splash screen states that the operation was conducted by Germany’s BKA, Netherland’s Politie, the FBI, the UK National Crime Agency, the United States Secret Service, the Royal Canadian Mounted Police, Eurojust, Switzerland’s Polizia Cantonale, Europol, Bulgaria’s GDBOP, and the Swedish National Police.
We will update this story as more information becomes available.
This is a developing story.