FBI confirms 25 ransomware groups using First VPN’s now seized services — here’s what we know
The FBI has confirmed that 25 ransomware groups were using the services of First VPN, which was recently dismantled in a coordinated operation. This operation, named 'Operation Saffron', involved the seizure of 33 servers and the VPN's European domain. The investigation revealed that First VPN facilitated various cybercrimes, including scams and botnets, by providing a secure environment for hackers.
- ▪The FBI identified 25 hacking groups linked to First VPN's illegal activities.
- ▪Operation Saffron led to the takedown of all First VPN domains and servers.
- ▪First VPN explicitly targeted cybercriminals by advertising on dark web forums.
Opening excerpt (first ~120 words) tap to expand
VPN VPN Privacy & Security FBI confirms 25 ransomware groups using First VPN’s now seized services — here’s what we know News By Silvia Iacovcich published 29 May 2026 A joint operation led by Europol and Eurojust took down all First VPN domains last week When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Shutterstock / BreizhAtao) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter The FBI identified 25 hacking groups linked to First VPN's illegal activitiesAvaddon Ransomware was included on the listThe FBI recommends stricter controls At least 25 ransomware groups were…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
