Law enforcement officials from the United States, Germany, France, Switzerland and the Netherlands have neutralized the web domains and server infrastructure of three VPN services that provided cybercriminals with the ability to carry out cyberattacks.
The investigation revealed that the three domains insorg.org, safe-inet.com and safe-inet.net were offering visitors the services of the “bulletproof hosting provider” Safe-Inet. Domain servers were often used to disguise the real identities of ransomware operators, web skimmers (Magecart), online phishers and hackers involved in account hacking, according to the US Department of Justice and Europol . The services were provided by an organization described by the police as a "bulletproof hosting provider."
Bulletproof hosting is a virtual hosting or dedicated server, the owners of which are loyal to the content of the sites hosted on it and do not respond to requests from copyright holders and other interested parties. In this regard, such servers are very popular with spammers, online casino operators and distributors of prohibited content.
Law enforcement agencies around the world have conducted coordinated server neutralization in at least five different countries in addition to domain shutdowns. Europol plans to analyze the collected information and initiate proceedings to identify and take action against some Safe-Inet users.
According to Europol officials, the investigation identified about 250 companies worldwide that were spied on by cybercriminals to carry out potential ransomware attacks through the Safe-Inet infrastructure.
On Twitter Safe-Inet said they are aware of the incidence, and mentioned in the coming days the service will be restored.
Now Safe-Inet twitter account has been deleted.