Find notable cyber news and cases, enriched with sources, timelines, and signals.

OFAC sanctions First VPN Service and two individuals

Regulatory/Legal Action
First reported
Last updated
Happening score
H score 27
2 unique sources, 2 articles

Summary

Hide ▲

OFAC sanctioned First VPN Service (1VPNS), Dmytro Rashevskyi, and Yegeniy Vladimirovich Silayev for enabling ransomware attacks and helping malicious software evade detection. The action targets a VPN provider and a cryptor seller tied to activity that hid attack origins, masked malware as legitimate software, and supported attacks on U.S. businesses, financial services firms, hospitals, and municipal governments. Officials linked the ecosystem to billions of dollars in losses to U.S. organizations and critical infrastructure providers, and said the underlying 1VPNS infrastructure was dismantled in May 2026 by European and North American authorities.

Related Happenings

1VPNS takedown in Operation Saffron

Law Enforcement
H score26 First: 14.07.2026 12:40 Last: 14.07.2026 12:40 Sources 1

How related: The sanctions come after European law enforcement took down 1VPNS's website and infrastructure in May with support from the FBI's Boston Field Office, as part of a joint action dubbed "Operation Saffron" led by French and Dutch authorities.

About this happening: French and Dutch authorities **took down 1VPNS**, **seized 33 servers**, and **arrested its administrator** in **Operation Saffron**, disrupting a VPN service used by **ransomware...

Joint operation dismantles First VPN Service (1VPNS)

Law Enforcement
H score33 First: 14.07.2026 11:02 Last: 14.07.2026 11:02 Sources 1

How related: First VPN was dismantled in May 2026 as part of a joint law enforcement operation by European and North American authorities for assisting criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks.

About this happening: European and North American authorities **dismantled** **First VPN Service (1VPNS)** in a **ransomware**-linked takedown, removing infrastructure used to hide attack origins and o...

EU and UK sanctions Russian GRU-linked cyber actors

Regulatory/Legal Action
H score44 First: 13.07.2026 14:19 Last: 13.07.2026 14:19 Sources 1

About this happening: The **Council of the European Union** and the **UK** imposed new **sanctions** on Russian individuals and entities tied to **cyber and hybrid operations**, tightening legal pressu...

EU sanctions Russian cyber actors over espionage campaign

Regulatory/Legal Action
H score26 First: 13.07.2026 13:00 Last: 13.07.2026 13:00 Sources 1

About this happening: The **European Union** imposed **sanctions** on **Russian military intelligence officers, hackers and private companies** on **Monday**, escalating pressure over a **yearslong cyb...

FSB 16th Centre yearslong cyber espionage campaign against European governments and critical infrastructure

Campaign
H score42 First: 13.07.2026 13:00 Last: 13.07.2026 13:00 Sources 1

About this happening: **FSB 16th Centre** is tied to a **yearslong cyberespionage campaign** against **European governments** and **critical infrastructure** across **at least nine countries**. The **C...

Timeline

  1. 14.07.2026 11:02 3 articles · 3h ago

    OFAC sanctions First VPN Service and two individuals

    Legal Policy Action Update

    The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) designated First VPN Service (1VPNS), its Ukrainian administrator Dmytro Rashevskyi, and Belarusian national Yegeniy Vladimirovich Silayev for enabling ransomware actors and helping conceal malware as safe programs. Treasury said ransomware groups used the VPN infrastructure to hide attack origins, manage exfiltrated data, and target U.S. businesses, financial services companies, hospitals, and municipal governments; officials also said First VPN was dismantled in May 2026 by European and North American authorities.

    Show sources