Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
U.S. Targets VPN and Cryptor Seller for Ransomware Aid

U.S. Targets VPN and Cryptor Seller for Ransomware Aid

Posted on July 14, 2026 By CWS

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned two individuals and a VPN service provider for their involvement in supporting ransomware operations. These sanctions are part of a broader effort to curb cybercriminal activities targeting American entities.

The sanctioned VPN, known as First VPN Service (1VPNS), along with its Ukrainian administrator, Dmytro Rashevskyi, is accused of facilitating ransomware groups. Additionally, Belarusian national Yegeniy Vladimirovich Silayev has been penalized for selling cryptors that help mask malware as legitimate software, evading detection by security systems.

International Crackdown on Cybercrime

In May 2026, First VPN was dismantled during a collaborative law enforcement operation across Europe and North America. The service, operational since 2014, was notorious for claiming it did not log user activities or cooperate with legal investigations, thus enabling cybercriminals to obscure their malicious activities.

The Treasury Department reports that ransomware groups used First VPN to attack U.S. businesses, financial institutions, healthcare providers, and government entities, inflicting billions in damages. These groups exploited the VPN to conceal the origins of their operations, manage stolen data, and deploy malware.

European Sanctions on Russian Cyber Networks

Simultaneously, the U.K. and the E.U. have imposed sanctions on Russian cyber networks for their disruptive activities across Europe. These measures target 24 individuals and entities involved in cyber and hybrid operations linked to the Russian Intelligence Services, including the GRU.

Among those sanctioned are senior GRU officials Vyacheslav Stafeyev, Ivan Senin, and Ivan Kasyanenko. The sanctions also address actions by the Centre 16 of the Russian Federal Security Service (FSB), which has been involved in sabotage operations against Poland’s energy infrastructure.

Ongoing Cybersecurity Threats

The U.S. Federal Bureau of Investigation (FBI) has issued a warning regarding FSB Center 16’s exploitation of vulnerable networking devices globally. These cyber actors are known to scan for poorly configured routers and exploit them to access critical infrastructure networks.

Techniques employed include scanning for devices with Simple Network Management Protocol (SNMP) vulnerabilities and using known Cisco device vulnerabilities, such as CVE-2018-0171 and CVE-2008-4128. These actions underscore the need for robust cybersecurity measures and timely patching of vulnerable systems.

The international community’s coordinated response aims to hold accountable those responsible for malicious cyber activities. By imposing sanctions and highlighting these threats, authorities strive to enhance cybersecurity and deter future attacks.

The Hacker News Tags:Cybercrime, Cybersecurity, First VPN, FSB, GRU, international sanctions, Malware, OFAC, Ransomware, Russian hackers, Treasury Department, U.S. sanctions, VPN service

Post navigation

Previous Post: Pentagon Reevaluates Cybersecurity Certification Strategy
Next Post: ModHeader Chrome Extension Pulled for Data Exfiltration Risk

Related Posts

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments The Hacker News
Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds The Hacker News
AI Is Transforming Cybersecurity Adversarial Testing AI Is Transforming Cybersecurity Adversarial Testing The Hacker News
Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account The Hacker News
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users The Hacker News
Webinar on Securing AI Agents Against Cyber Threats Webinar on Securing AI Agents Against Cyber Threats The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Jscrambler Packages Compromised in Supply Chain Breach
  • xAI’s Grok Build Uploads Full Repositories to Cloud
  • ModHeader Chrome Extension Pulled for Data Exfiltration Risk
  • U.S. Targets VPN and Cryptor Seller for Ransomware Aid
  • Pentagon Reevaluates Cybersecurity Certification Strategy

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Jscrambler Packages Compromised in Supply Chain Breach
  • xAI’s Grok Build Uploads Full Repositories to Cloud
  • ModHeader Chrome Extension Pulled for Data Exfiltration Risk
  • U.S. Targets VPN and Cryptor Seller for Ransomware Aid
  • Pentagon Reevaluates Cybersecurity Certification Strategy

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark