back to article International law enforcement op nukes Russian-language DoubleVPN service allegedly favoured by cybercriminals

Europol, the US Department of Justice, and Britain's National Crime Agency have taken down a VPN service they claimed was mainly used by criminals – boasting that they hoovered up "personal information, logs and statistics" from the site. The DoubleVPN site went dark yesterday after law enforcement agencies swooped on its …

  1. Eclectic Man Silver badge

    Well done!

    Congratulations to Europol and the other agencies, although I suspect that this is akin to 'a drop in the ocean' of Internet miscreant sites, I'm assuming it was tricky to track down the actual servers.

    1. Pseudononymous Coward
      Childcatcher

      Re: Well done!

      It depends if it is the start of a general assault on VPNs or not. Label them "criminal services" to get the public onside and then take them down one by one.

      Lots of governments find VPNs objectionable because it makes it harder to spy on their citizens - e.g. GCHQ’s Tempora programme works by intercepting data on most of the fibre-optic communications cables in and out of the UK. There are apparently around 300 GCHQ and 250 NSA staff processing all that luverly data to snoop on everyone.

      All that is a bit screwed with VPNs, so altogether after me "if you have nothing to hide then you have nothing to fear" and "if you have something to hide then you are up to no good".

      1. Pascal Monett Silver badge

        I have nothing to hide and I demand that you justify what right you have to ask.

        1. John Brown (no body) Silver badge
          Big Brother

          "Because!"

        2. Anonymous Coward
          Anonymous Coward

          Re: I have nothing to hide

          In contrast, have very many things to hide. But just because they aren't illegal doesn't mean they are anybody else's business.

          1. Cynic_999 Silver badge

            Re: I have nothing to hide

            There is absolutely nothing wrong with having "something to hide". And just about every adult, no matter how law-abiding, has almost certainly done many things in their life that they would not want everyone else to know about. Next time someone claims to have nothing to hide, just ask them to tell you intimate details of their sex life, including fantasies and any embarrasing incidents they suffered in their teens so you can post it on a public web site.

            If having something to hide is regarded as undesirable or suspicious, bear in mind that governments want to hide far more things than most citizens.

        3. Pseudononymous Coward
          Big Brother

          >I have nothing to hide and I demand that you justify what right you have to ask.

          In the UK, the justification is that Parliament has rubber stamped the laws that give them that right, with some Mickey Mouse-level oversight as a bit of window-dressing.

        4. iron Silver badge

          He's thinking of the children, duh.

      2. NoneSuch Silver badge
        FAIL

        Funny...

        US Gov does not mind it when crims use AES256 based encryption methods.

        That's a beard stroker that one.

  2. Hubert Cumberdale Silver badge

    So... which VPN providers are actually legit and really don't log anything? I'm asking for my friend Dave.

    1. Brian Miller

      That would be the one you've set up by yourself, without telling anybody about it beforehand. Otherwise, I'm sure that all VPN providers log data. It's just a matter of who gets it, and when.

    2. Anonymous Coward
      Anonymous Coward

      I'd tell you but tbh I think there's a sort of vpn habitable zone between being too small and obscure and thus super easy to raid and squash, and too big to fly under the spooks radar any more and the visits by serious men with their own equpiment and documents you acknowlege to have received and be bound by terrible penalties if you ever tell anyone

    3. Anonymous Coward
      Anonymous Coward

      So... which VPN providers are actually legit and really don't log anything?

      Mullvad was highly recommended by the man who was independent, until he decided that good intentions are great, but he needs to eat too, so he sold out. Trouble is, mullvad _say_ they don't log anything, which is the problem with any vpn. And most of VPN providers know their claims are unverifiable, so they lie. And log (which has been proven a couple of times, when the no-logs surfaced, either hacked, or in court papers). After all, what's worse for a business - a porn-lover or low-rank crim from across the world that threatens to take them to court (from behind the bars), or a visit from local enforcement officers that raid VPN premises? Business is in numbers, and in uninterrupted operations rather than in standing behind some anonymous, possibly law-breaking bloke that pays 5 euro per month.

      btw, I have no opinion on mullvad's claim, but I can only _hope_ their claims of no logs are true, nothing more than that. I'm only pointing out there's no _universal_, reliable / incorruptible and _enforceable_ ISO-standard for VPNs. And, given governments' increasingly hostile stand against VPNs, there won't be any standard in place.

      1. Cynic_999 Silver badge

        Re: So... which VPN providers are actually legit and really don't log anything?

        It would be stupid to run a VPN without any logging at all. How else could you identify the sources of the inevitable DOS and other malicious attacks? It would be almost as stupid as admitting that you log users.

  3. mark l 2 Silver badge

    Exactly what are the criminal charges for the DoubleVPN operators, as other than generic statement from the plod about being used mainly by criminals it doesn't really give any indication as to how it is breaking the law?

    Seems like a fishing exercise to me where they don't actually have any evidence against the service. What the bet if they were truly not keeping logs as the operators of DoubleVPN claimed the servers will spring back to life in a few days controlled by the NSA/GHCQ and with logging enabled to try catch anyone still using.

    1. Anonymous Coward
      Anonymous Coward

      You mean you want the plod to gather evidence and identify which laws were broken? How terribly old-fashioned of you! They find it had to manufacture evidence these days, so they don’t bother.

      1. Cynic_999 Silver badge

        The modern technique is to identify what the target is doing, then make a new law so that it becomes illegal.

    2. John Brown (no body) Silver badge

      "Exactly what are the criminal charges for the DoubleVPN operators,"

      Probably aiding and abetting for starters.

      Para 4. of the article;

      "Europol said the service was "heavily advertised on both Russian and English-speaking underground cybercrime forums," offering double, triple or even quadruple-layered VPN services to its customers."

      ...which indicates they were actively courting criminals as customers. It's a bit like the local pawn shop putting a sign in the window saying "we buy anything, no questions asked" and then posting flyers to all the local burglars.

      1. Anonymous Coward
        Anonymous Coward

        local pawn shop putting a sign in the window saying "we buy anything, no questions asked"

        hell, that's exactly like Virgin media, or any other business in fact: we welcome ALL customers, no questions asked!

  4. NonSSL-Login
    Holmes

    Security services don't like data holes in their mass surveillance machine

    Always wondered if the double/triple VPN tunnels caused issues for the 5 eyes system and this action seems to verify it.

    While the 5 eyes spliced optical cables can hoover up all the data and store for a few months at least, they can't easily automate and link the traffic of tunnels inside tunnels. So instead took down a service that didn't have an obvious way to link data like some Double Hop providers where if you go in ip 1.1.1.50 you always come out at 1.1.1.51 or a known IP related to the joining node.

    So have your router with wireguard connected to one VPN or your own server and they have another machine on your network used as a gateway before the router with OpenVPN to another provider. Add a third layer with yet another OpenVPN or Wireguard provider with your own machine/virtual machines and even throw TOR in to the equation of you want.

    Just means that someone will have to try hard to descramble it all manually which they will only do in extreme cases which most averages joes having all their data logged are not. If they really want someone let them waste a 0day exploit on them rather than bulk logging everyones data. Make it hard for them

  5. FILE_ID.DIZ Bronze badge
    WTF?

    Are there any smart criminals left?

    So wait... just so that I understand what was going on here...

    DoubleVPN was a single, monolithic company with multiple PoPs and they upcharged you to route your traffic through multiple PoPs before heading to the destination.

    Yet the infrastructure was all owned by the same organization?

    In the old hackers example provided in the article, the protection afforded was that you were bouncing off non-related infrastructures, so it'd take longer and be harder to back-trace the traffic. (According to a friend.)

    It seems that all these clowns did is introduce excessive latency and hike the cost to connect to your destination.

  6. KittenHuffer Silver badge
    Black Helicopters

    I use two VPNs ....

    .... both of them using ROT13 encryption!

    I have to cos they're always watching me! ---------->

    1. lglethal Silver badge
      Joke

      Re: I use two VPNs ....

      @KittenHuffer - The'y probably stop watching you, if you stopped huffing kittens. Just sayin'...

      1. Danny 2 Silver badge

        Re: I use two VPNs ....

        We all huff kittens though, admit it. It's no longer the taboo it used to be. I think it was Liz on 30 Rock who admitted that every woman feels the need to squeeze a babies thigh at least once. Not me, but I used to throw my kitten across the room onto cushions, and it would run back for more.

        Two famous 'indy' activist websites used to claim that they didn't log IP addresses when they clearly, obviously and demonstrably did. You kind of have to. I called them out on it and offline they admitted it and asked me to keep quiet 'for the greater good'. The thing is they had already been compromised by the police/security services, either by infiltrators or pressurised traitors.

        If you leave honey on the internet then sooner or later it will be turned into a honeypot trap.

      2. KittenHuffer Silver badge
        Devil

        Re: I use two VPNs ....

        But I just can't resist the Ginger ones! They really mess you up!

  7. m-k

    The operation began in October last year,

    it would be funny if it was actually a sting related to that major sting, i.e. when they busted that 'secure' comms channel a month or so ago. So, those that managed to evade desperately seek a new new to resume business and here's that cool, vpn service that's like, totally secure, man! :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021