Infosecurity-Magazine
Operation Saffron: First VPN Dismantled in Major Cybercrime Takedown
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On May 19-20, 2026, an international law enforcement operation, dubbed Operation Saffron, successfully dismantled First VPN, a virtual private network service heavily utilized by cybercriminals for ransomware, fraud, and data theft. Led by French and Dutch authorities, with support from Europol and Eurojust, the operation resulted in the seizure of 33 servers and the arrest of the service's administrator in Ukraine. First VPN was known for providing anonymity to its users, facilitating illicit activities by masking their identities and infrastructure. The investigation, which began in December 2021, revealed that First VPN had been involved in nearly every major cybercrime investigation supported by Europol in recent years. Authorities identified and notified 506 users linked to cybercriminal activities, disseminating 83 intelligence packages to aid ongoing investigations. This operation marks a significant milestone in the fight against cybercrime, showcasing the effectiveness of international collaboration.
Key Points: • First VPN, a VPN service used by cybercriminals, was taken offline during Operation Saffron. • The operation involved 18 countries and resulted in the arrest of the service's administrator in Ukraine. • Authorities identified 506 users linked to cybercrime and shared intelligence across jurisdictions.