Demonstrating exactly why it's so important to pick a VPN (opens in new tab) carefully, Russian-based VPN provider, DoubleVPN, has been seized by an international law enforcement operation led by the Dutch National Police alongside support from Europol and Eurojust. First uncovered by Bleeping Computer (opens in new tab), the reason for the seizure is that despite promising to keep customers anonymous, DoubleVPN was actually collecting personal information on users along with logs and statistics on their online activity. At least, that's according to the relevant law enforcement agencies involved.
The service was previously popular amongst cybercriminals as well as regular consumers looking for a bargain, thanks to the service being so cheap as well as offering double, triple and even quadruple encryption through their service. While many VPNs are used by all kinds of people including both for legitimate reasons and more nefarious plans, Europol has released a statement confirming that "DoubleVPN was heavily advertised on both Russian and English-speaking underground cybercrime forums as a means to mask the location and identities of ransomware operators and phishing fraudsters."
However, it turns out that was a pretty terrible plan for such people because even though DoubleVPN claimed it offered a double-encryption service (hence the name), it was actually collecting quite a lot of information on users. That information is now in the hands of law enforcement including the US Secret Service, the FBI and other law enforcement agencies across the US and Europe.
A statement on the DoubleVPN site announced that "On 29th of June 2021, law enforcement took down DoubleVPN. Law enforcement gained access to the servers of DoubleVPN and seized personal information, logs and statistics kept by DoubleVPN about all of its customers. DoubleVPN’s owners failed to provide the services they promised. International law enforcement continues to work collectively against facilitators of cybercrime, wherever and however it is committed. The investigation regarding customer data of this network will continue."
So, what does this mean for regular customers? Providing you're not a cybercriminal, you shouldn't have anything to worry about although you may be rather disappointed to learn that DoubleVPN took your money somewhat disingenuously. This is the ideal time to check out the best VPN services (opens in new tab) out there and switch over to a much more reputable service provider. There are no shortage of options and, honestly, anything that isn't favored by hackers has to be a better bet.
Granted, there's no official evidence yet of logging and the FBI is yet to respond to requests for comments from CNET (opens in new tab) but it seems fairly likely there's a reason why the company has been seized by global enforcement and we're guessing there was a tip-off or two involved.
As mentioned, it's incredibly important to pick your VPN service carefully to avoid such issues in the future and to actually enjoy true anonymity.