An international coalition of law enforcement agencies has announced the shutdown of First VPN, a popular virtual private network (VPN) service used by at least 25 different ransomware gangs. The FBI reported that First VPN was widely utilized to conceal malicious activities, from running scams and launching DDoS attacks to conducting large-scale fraud and data theft.

Europol highlighted how deeply embedded the service had become within the cybercrime ecosystem, noting its role in nearly every major investigation supported by the agency in recent years. The service offered anonymity not just through encrypted connections but also via anonymous payments and hidden infrastructure, all marketed specifically to criminal hackers.

In a stark move, First VPN users were informed of their exposure due to the shutdown, with investigators obtaining the service’s user database and identifying connected IP addresses. The operation dismantled dozens of servers and disrupted the infrastructure, marking the end of an era for this once-ubiquitous tool in cybercrime.

The arrest of the service's administrator and ongoing investigations have sent a clear message to all those using such tools: anonymity is no longer guaranteed. With First VPN out of commission, law enforcement hopes to put a dent in the operations of numerous cybercriminals operating under its banner.