The US Department of the Treasury this week sanctioned First VPN Service, saying it enabled cybercriminals to launch ransomware attacks against American companies and institutions.
The Office of Foreign Assets Control, an intelligence and enforcement agency within the Department of the Treasury, also levied sanctions on First VPN administrator Dmytro Rashevskyi and Yegeniy Vladimirovich Silayev for selling tools used to disguise ransomware and other malware. These tools -- known as "cryptors" -- prevent security systems from detecting or deactivating them.
In May, European authorities dismantled First VPN, also known as 1VPNS, and arrested Rashevskyi, who is based in Dnipro, Ukraine, to culminate an investigation that began in 2021.
Europol, the EU's law enforcement agency, said that First VPN was well publicized on Russian-language cybercrime forums as a service offering anonymous payments, hidden infrastructure and services "designed specifically for criminal use."
The agency also said the VPN service helped cybercriminals hide their identities while carrying out ransomware attacks and data theft, and that it appeared "in almost every major cybercrime investigation supported by Europol in recent years."
Representatives for the Department of the Treasury did not immediately respond to a request for comment.
What is ransomware?
Ransomware is malicious software that gets into a computer system and prevents an individual or company from accessing files, systems or networks. The perpetrator will typically demand a ransom to regain access. It's a massive problem: One estimate puts the cost at $74 billion globally this year.
The FBI advises that people keep their operating systems and software programs updated, use anti-malware and antivirus programs and regularly back up data, among other tips. The FBI also does not recommend paying ransomware instigators.
Read more: Best VPNs for 2026
... continue reading