{"id":289326,"date":"2026-07-14T04:02:00","date_gmt":"2026-07-14T08:02:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/07\/14\/u-s-sanctions-first-vpn-service-and-malware-cryptor-seller-over-ransomware-support\/"},"modified":"2026-07-14T07:55:06","modified_gmt":"2026-07-14T11:55:06","slug":"u-s-sanctions-first-vpn-service-and-malware-cryptor-seller-over-ransomware-support","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/07\/14\/u-s-sanctions-first-vpn-service-and-malware-cryptor-seller-over-ransomware-support\/","title":{"rendered":"U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/07\/us-sanctions-first-vpn-service-and.html\">U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/07\/us-sanctions-first-vpn-service-and.html\">https:\/\/thehackernews.com\/2026\/07\/us-sanctions-first-vpn-service-and.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-07-14 04:02:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p>The U.S. Treasury Department&#8217;s Office of Foreign Assets Control (OFAC) has designated two individuals and a VPN service provider for enabling ransomware actors&#8217; and other cybercriminals&#8217; malicious activities, including ransomware attacks against Americans.<\/p>\n<p>The VPN, named First VPN Service (1VPNS), has been accused of offering its tools to ransomware groups, along with its 45-year-old Ukrainian administrator, Dmytro Rashevskyi. The department has also sanctioned Yegeniy Vladimirovich Silayev, a Belarusian national, for selling cryptors to help conceal ransomware and other malware as safe programs to avoid being detected by security tools.<\/p>\n<p>First VPN was dismantled in May 2026 as part of a joint law enforcement operation by European and North American authorities for assisting criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The service had been operational since 2014, advertising that it neither keeps a log of users&#8217; identities or activities nor cooperates with law enforcement to tackle illegal activity originating from servers it rents to customers.\u00a0<\/p>\n<p>Per the Treasury, several ransomware groups are said to have purchased First VPN to carry out attacks on U.S. companies and institutions and hide their true origins, deploy malware, and manage exfiltrated data. Victims of ransomware attacks that involved the VPN infrastructure included U.S. businesses, financial services companies, hospitals, and municipal governments.<\/p>\n<p>Ransomware groups using services supplied by the designated parties allegedly caused billions of dollars in losses to American businesses and critical infrastructure providers, U.S. officials said.<\/p>\n<p>&#8220;Rashevskyi has used false identities, including &#8216;Maksim Sorin&#8217; and &#8216;Roman Chabanenko,&#8217; to buy infrastructure from companies that might otherwise refuse to do business with him because of complaints of abuse from internet service providers about illegal activity originating from 1VPNS&#8230;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/07\/us-sanctions-first-vpn-service-and.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support https:\/\/thehackernews.com\/2026\/07\/us-sanctions-first-vpn-service-and.html Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":289327,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhseKXQcobfKfQC4K6ja7LMDD4ntr9cnmn_88cEPY7jw6wbmiy0p_0xup5NyNrvKHvN4gm2Y1gT4P9kn_FV0ogJEsN6hQ0Dal0xqZgWMNW0mHfrUtnxDkm0FjIN13xxH2_mCkBIVcQeEAK8j2w46HuvE5yv8W6MIsj5VQP37keKQBdHeF2NU-ujhcdaLwdE\/s1600\/sanctions.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32],"class_list":["post-289326","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/289326"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=289326"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/289326\/revisions"}],"predecessor-version":[{"id":289328,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/289326\/revisions\/289328"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/289327"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=289326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=289326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=289326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}