The international network that served the cybercriminals and its leader were taken down

The Coalition of International Law Enforcement Agencies has announced the shutdown of First VPN, a service widely used by cybercriminals to conceal their illegal activities, and the arrest of its primary administrator. This was reported by Zamin.uz.
According to information from the U.S. Federal Bureau of Investigation, this service became so popular that at least twenty-five groups involved in developing malicious software used it specifically to hide their traces. International technology publications have provided detailed coverage of this operation.
Cybercriminals used this network not only to conceal their identities but also to scan entire internet infrastructures, operate remotely controlled computer botnets, carry out large-scale cyberattacks, and execute various fraud schemes—all relying on this infrastructure. The service operated servers in twenty-seven countries and even offered specialized anonymous payment systems for criminals.
This significantly complicated the tracking of illicit financial flows. As stated in a Europol announcement, the network had become an inseparable part of the cybercrime world.
In recent years, the name of this service appeared in nearly every major international cybercrime investigation. The service was primarily advertised on Russian-language forums, promising users that no data would be stored and that identification would be absolutely impossible.
This effectively served as a safe haven for cybercriminals. However, as a result of complex investigative operations, law enforcement agencies succeeded in obtaining the service’s user database.
As a result, thousands of individuals linked to the cybercrime world were exposed. Following a large-scale operation that began several years ago, dozens of servers were seized and the entire system was completely shut down.
Based on the seized data, new criminal cases are expected to be initiated.





