Global raid shuts down ransomware-linked VPN First VPN and seizes its infrastructure

May 22, 2026 at 02:14 AM

•

1 min read

Global raid shuts down ransomware-linked VPN First VPN and seizes its infrastructure — Photo: BleepingComputer

TL;DR Summary

An international operation led by France and the Netherlands, with Europol/Eurojust support, dismantled the ‘First VPN’ service used by ransomware and data-theft actors. Authorities seized 33 servers across 27 countries, shut down key domains, disrupted infrastructure, and arrested the administrator in Ukraine. Investigators infiltrated the VPN to recover data, with Europol reporting 506 identified users and 83 intelligence packages shared to aid ongoing investigations into ransomware and related crimes. While VPNs have legitimate uses, criminals leveraged this service to hide activity; all identified users have been notified and further legal action may follow.

Topics:world #cybercrime #cybersecurity #europol #law-enforcement #ransomware #vpn

Share this article

Police seize “First VPN” service used in ransomware, data theft attacks BleepingComputer
Cybercriminal VPN used by ransomware actors dismantled in global crackdown Europol
Law enforcement shuts down VPN service used by two dozen ransomware gangs TechCrunch
European authorities take down prolific cybercrime VPN service CyberScoop
Cybercriminal VPN Dismantled in Europol Crackdown Infosecurity Magazine

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 5 min read

Condensed

89%

845 → 93 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights