OFAC sanctions First VPN Service amid claims of ransomware support
Source headline: U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
Intelligence Summary
The U.S. Treasury’s OFAC has designated a VPN provider and individuals tied to enabling ransomware and other cybercrime. The VPN, “First VPN Service (1VPNS),” is accused of supplying tools to ransomware actors, including attacks affecting people in the United States. OFAC’s action also targets the individuals believed to facilitate this support. This raises compliance risk for organizations that use or indirectly rely on sanctioned VPN infrastructure. Organizations should review VPN vendors, investigate any connections to 1VPNS, and ensure their sanctions screening and incident response processes are up to date.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.