The U.S. government, with the help of the FBI office in Detroit, has taken down an international organization that was providing assistance to cyber-criminals.
Dubbed "Operation Nova," the takedown involved a virtual private network ... which masks an internet address so online actions are virtually untraceable.
U.S. Attorney Matthew Schneider says the group provided “bulletproof hosting services” for criminal activity that allowed users to evade detection by law enforcement. By providing these services, Schneider says the group became co-conspirators in criminal schemes.
The seized domains are in the custody of the federal government. Related servers in at least five different countries have been shut down.
So, how do they operate? Law enforcement officials explained many of these services are advertised on online forums dedicated to discussing criminal activity. A bulletproof hoster’s activities may include ignoring or fabricating excuses in response to abuse complaints made by their customer’s victims; moving their customer accounts and/or data from one IP address, server, or country to another to help them evade detection; and not maintaining logs (so that none are available for review by law enforcement).
By providing these services, the bulletproof hosts knowingly support the criminal activities of their clients and become coconspirators in criminal schemes.
Much of the criminal activity occurring on the network involved cyber actors responsible for ransomware, E-skimming breaches, spearphishing, and account takeovers. The service’s website offered support in Russian and English languages, at a high price to the criminal underworld. This infrastructure preferred by cybercriminals was used to compromise networks all around the world.
The seized domains are in the custody of the federal government. Visitors to the sites will now find a seizure banner that notifies them that the domain name has been seized
