Ransomware

U.S. sanctions VPN provider and cryptor seller for aiding ransomware gangs

As reported by Security Affairs, the U.S. Treasury’s Office of Foreign Assets Control has sanctioned two individuals and one entity for providing tools and infrastructure to ransomware groups responsible for billions of dollars in losses to American businesses and critical infrastructure.

The sanctioned entities include First VPN Service (1VPNS), a virtual private network provider, and its administrator Dmytro Rashevskyi. Also sanctioned is Yegeniy Vladimirovich Silayev, who sells "cryptors" – tools used to disguise malware and evade security systems. These services enabled ransomware actors to hide their origins, deploy malware, and manage exfiltrated data, leading to attacks on victims such as hospitals, financial firms, and municipal governments.

The action, coordinated with the UK, targets the ransomware supply chain. U.S. sanctions freeze any assets of the sanctioned individuals and entities within U.S. jurisdiction and prohibit transactions with them. This action follows a May 2026 European law enforcement takedown of 1VPNS’s infrastructure, supported by the FBI.

Source: Security Affairs

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds