U.S. Sanctions VPN Provider and Administrator Linked to Ransomware Operations

U.S. Sanctions VPN Provider and Administrator Linked to Ransomware Operations

First seen 13 Jul 2026, 19:28 UTC TradersunionTherecord.Media 81% similarity 70.6

Article Content

Browse articles
ThreatCluster

The U.S. Treasury has sanctioned First VPN Service (1VPNS) and its administrator Dmytro Rashevskyi for facilitating ransomware attacks. The sanctions also target Belarusian national Yegeniy Vladimirovich Silayev, accused of providing cryptors that help disguise malware. 1VPNS has been linked to ransomware groups since 2014, offering services that conceal attack origins and manage stolen data. The sanctions block all property and interests of the designated parties within U.S. jurisdiction. This action aligns with similar sanctions from the UK and follows a European law enforcement takedown of 1VPNS's infrastructure in May 2026. The Treasury emphasizes that these measures aim to combat the significant financial impact of ransomware on U.S. businesses and critical infrastructure.

Key Points: • U.S. sanctions target First VPN Service and its administrator for aiding ransomware. • Sanctions also include a Belarusian individual providing malware cryptors. • The actions follow a coordinated effort with the UK and a recent European law enforcement takedown.

ThreatCluster AI

Timeline

2026-05-01
European law enforcement takedown of 1VPNS infrastructure
Law enforcement agencies dismantled the infrastructure supporting 1VPNS, with FBI support.
Tradersunion
2026-07-13
U.S. Treasury sanctions 1VPNS and its administrator
The U.S. Treasury sanctioned 1VPNS and Dmytro Rashevskyi for enabling ransomware operations, blocking their assets in the U.S.
Tradersunion
2026-07-13
Sanctions against Belarusian malware supplier
Yegeniy Vladimirovich Silayev was sanctioned for providing cryptors that disguise malware, aiding ransomware groups.
Therecord.Media

Community

Browse all →