Therecord.Media
US Sanctions FirstVPN and Ransomware Enablers Amid Rising Cybercrime Threats
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
On July 13, 2026, the U.S. Treasury's OFAC sanctioned FirstVPN, its administrator Dmytro Rashevskyi, and malware cryptor Yevgeniy Vladimirovich Silayev for facilitating ransomware attacks against U.S. entities. These sanctions target the infrastructure that supports ransomware operations, which have caused billions in losses. FirstVPN has been linked to numerous ransomware groups since 2014, promoting a no-logs policy and refusing law enforcement cooperation. The action aligns with a broader strategy to disrupt the cybercrime ecosystem and was coordinated with the UK. The sanctions block all property of the designated parties in the U.S., and any U.S. person is prohibited from transactions involving them. This follows a May 2026 takedown of 1VPNS's infrastructure by European law enforcement, supported by the FBI. The impact includes U.S. businesses, hospitals, and municipal governments affected by ransomware attacks using FirstVPN's services.
Key Points: • U.S. sanctions target FirstVPN, its administrator, and a malware cryptor for ransomware support. • The sanctions block all property of the designated parties in the U.S. and prohibit transactions. • The action is part of a coordinated effort with the UK to disrupt the cybercrime ecosystem.