‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested
The FBI says First VPN has been used by dozens of ransomware groups for network reconnaissance and intrusions. The post ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested appeared first on SecurityWeek.
Authorities in North America and Europe have participated in a law enforcement operation to disrupt First VPN, a popular cybercrime service used for ransomware and other attacks.
According to the FBI, First VPN has been active since 2014, providing 32 exit nodes across 27 countries at the time of its disruption. The service, advertised on Russian-language dark web cybercrime forums, has been used by at least 25 ransomware groups for network reconnaissance and intrusions.
IP addresses associated with First VPN have been involved in scanning, botnets, DoS attacks, and hacking.
Source: https://www.securityweek.com/first-vpn-cybercrime-service-disrupted-administrator-arrested/
Related breach coverage
- Canadian Man Arrested for Operating Kimwolf Botnet2026-05-22
Jacob Butler, 23, has been arrested in Canada and US authorities are seeking his extradition on computer hacking charges. The post Canadian Man Arrested for Operating Kimwolf Botnet appeared first on SecurityWeek.
- 201 Arrested in Crackdown on Cybercrime in Middle East, North Africa2026-05-19
The 13-country effort, named Operation Ramz, targeted cyber threats in the Middle East and North Africa region. The post 201 Arrested in Crackdown on Cybercrime in Middle East, North Africa appeared first on SecurityWeek.
- Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’ 2026-05-19
Fox Tempest provides a service that cybercriminals use to distribute ransomware and other malware disguised as legitimate software. The post Microsoft Disrupts Malware-Signing Service Run by ‘Fox Tempest’ appeared first on SecurityWeek.
- Grafana Confirms Breach After Hackers Claim They Stole Data2026-05-18
Grafana appears to have been targeted by Coinbase Cartel, a cybercrime group linked to ShinyHunters, Scattered Spider, and Lapsus$. The post Grafana Confirms Breach After Hackers Claim They Stole Data appeared first on SecurityWeek.