Danny Weber
Europol's Operation Saffron seized 33 servers of First VPN, a bulletproof VPN marketed to cybercriminals. The takedown highlights the fine line between privacy and criminal infrastructure.
Europol has taken down First VPN, a service it describes as a "bulletproof" infrastructure for cybercriminals. Codenamed Operation Saffron, the action was the result of an international investigation that started in 2021. In a coordinated effort, authorities seized 33 servers across 27 countries and identified 506 users of the service.
Law enforcement from 18 countries participated, with France, the Netherlands, Luxembourg, Romania, Switzerland, Ukraine, and the UK playing key roles. First VPN's domains, including both regular addresses and Tor hidden services, were seized and now redirect to an Operation Saffron banner. The investigation also led authorities to a location in Ukraine connected to the service.
According to Europol, First VPN marketed itself not just as a privacy tool but as a service that does not cooperate with legal authorities and claims to operate outside any jurisdiction. It was primarily advertised on Russian-language cybercrime forums. Law enforcement says the service frequently appeared in investigations involving online fraud, malware attacks, and ransomware.
The First VPN case highlights a complex issue: the line between legitimate digital privacy and the infrastructure used by criminals. Many regular VPNs also don't keep logs or have user data to hand over, but so-called bulletproof services are different—they openly cater to dubious clients, ignore abuse complaints, and often market themselves as resisting law enforcement.
Such operations inevitably raise questions about the legal limits of intervention. Server seizures depend on the laws of individual countries, and standards for warrants, evidence, and procedures can vary widely. In Europe, digital privacy is a protected right and GDPR imposes strict data handling rules, making the security-privacy balance especially delicate.
New EU proposals to expand law enforcement access to data or scan private messages for child protection add further complexity. Against this backdrop, the shutdown of First VPN is not just a blow to cybercriminal infrastructure but also a chapter in the ongoing debate about the future of online privacy.
© RusPhotoBank