Milan, “Palmbeach” operation: facility seized for ransomware attacks on a global scale | Milan

Milan, “Palmbeach” operation: facility seized for ransomware attacks on a global scale | Milan
Milan, “Palmbeach” operation: facility seized for ransomware attacks on a global scale | Milan

Milan, the Postal Police, under the direction of the Milan Public Prosecutor’s Office, in the course of an international police operation, seized a VPN network infrastructure, capable of anonymizing and encrypting the computer traces used by criminal groups that hit their victims through ransomware.

The operation, conducted by the Milan Postal Police, which involved law enforcement and judicial authorities in Europe, the United States and Canada, was coordinated by Europol, Eurojust and the Dutch national prosecutor.

The Postal Police closed one of the nodes in the network infrastructure that provided a safe haven for cybercriminals from which to attack victims. In various parts of the world, the servers where DoubleVPN hosted content were seized, while their web domains were replaced by a splash page with the logos of the participating law enforcement agencies. This coordinated seizure was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT).

DoubleVPN was widely advertised on both Russian and English-speaking underground cybercrime forums as a means of allowing ransomware operators and phishing scammers to disguise their location and identity. The service prided itself on providing a high level of anonymity by offering single, double, triple and even quadruple VPN connections to its customers.

DoubleVPN has been used to compromise networks around the world, and its cheapest VPN connection was only € 22 ($ 25).

International coordination

International cooperation was key to the success of this investigation, as critical infrastructure was scattered around the world.

– Europol’s European Cybercrime Center (EC3) supported the investigation from the start, bringing together all the countries involved to establish a common strategy. Its cybercrime specialists organized over 30 coordination meetings and four workshops to prepare for the final stage of the takedown, as well as providing analytical and crypto-tracing assistance. On the day of the operation, a virtual command post was set up at Europol to ensure continuous coordination between all authorities involved in the operation.

– Eurojust facilitated cross-border judicial cooperation and coordination to ensure an adequate response in order to dismantle the network. To this end, six dedicated coordination meetings have been held since October last year, organized by Eurojust, and a coordination center was created on the day of the takedown.

Dutch prosecutor Wieteke Koorn said: “This criminal investigation concerns criminals who think they can remain anonymous by facilitating large-scale cybercrime operations. With our initiative, including the special investigative power on digital intrusions, we want to make it very clear that there can be no safe havens for these types of criminals. Their delinquent acts damage the digitized society and erode the trust of citizens and companies in digital technologies, so their behavior must be stopped ”.

Europol EC3 head Edvardas Šileris commented: “Law enforcement is more effective when they work together and today’s release sends a strong message to criminals using these services: the golden age of VPNs. criminals is over. Together with our international partners, we are committed to delivering this message loud and clear ”.

Participating authorities and police:

– Netherlands: National Police (Politie), National Prosecutor’s Office (Landelijk Parket)
– Germany: Federal Criminal Police Office (Bundeskriminalamt), Frankfurt am Main Attorney General’s Office – Cybercrime Center
– United Kingdom: National Crime Agency (NCA)
– Canada: Canadian Police (RCMP)
– Stati Uniti: Federal Bureau of Investigation (FBI), US Secret Service (USSS), US Department of Justice (DOJ)
– Sweden: Swedish Police Authority (Polisen), Swedish Judicial Authority (Åklagarmyndigheten)
– Italy: Lombardy Postal and Communications Police Department, Rome Postal and Communications Police Service, Milan Public Prosecutor’s Office
– Bulgaria: General Directorate for the Lotto against the Organized Crime of the Ministry of Internal Affairs of Bulgaria (General Directorate “Fight against Organized Crime” at the Ministry of Interior of the Republic of Bulgaria)
– Switzerland: Cantonal Police of Ticino (Cantonal Police of the Canton of Ticino), Public Ministry of the Canton of Ticino
– Europol: European Cybercrime Center (EC3)
– Eurojust .

PREV car overturned in via Franco Mezzadra, two injured
NEXT Zaki, prison extended | Amnesty: Is the government still calling for silence?