European authorities took down the VPN service in May after a years-long investigation.

The US Treasury Department sanctioned the First VPN service this week, saying it allowed cybercriminals to launch ransomware attacks against US businesses and institutions.
The Office of Foreign Assets Control, an intelligence and enforcement agency of the Treasury Department, also imposed sanctions on the administrator of the first VPN, Dmytro Rashevskyi and Yegeniy Vladimirovich Silayev, for selling tools used to hide ransomware and other malware. These tools – known as “encryptors” – prevent security systems from detecting or disabling them.
In May, European authorities took down First VPN, also known as 1VPNS, and arrested Rashevskyi, based in Dnipro, Ukraine, to conclude an investigation that began in 2021.
Europol, the EU’s law enforcement agency, said First VPN was well-presented on Russian-language cybercrime forums as a service offering anonymous payments, hidden infrastructure and services “designed specifically for criminal use.”
The agency also said the VPN service helped cybercriminals hide their identities when carrying out ransomware attacks and data thefts, and that it appeared “in almost all major cybercrime investigations supported by Europol in recent years.”
Treasury Department officials did not immediately respond to a request for comment.
What is ransomware?
Ransomware is malicious software that enters a computer system and prevents an individual or company from accessing files, systems or networks. The perpetrator will usually demand a ransom to regain access. This is a huge problem: one estimate puts the global cost at $74 billion this year.
The FBI advises users to keep their operating systems and software up to date, use anti-malware software, and antivirus programs and back up your data regularly, among other tips. The FBI also advises against paying ransomware instigators.
Learn more: Best VPNs for 2026
Under the sanctions adopted this week, the Treasury Department will prohibit all transactions by persons in the United States involving property owned by Rashevskyi or Silayev. The ministry also said that all their property in the country or in the possession of anyone in the country must be reported to the ministry. Financial and other institutions are prohibited from “engaging in certain transactions or activities” involving Rashevskyi or Silayev.
“The ultimate goal of sanctions is not to punish, but to bring about a positive change in behavior,” the ministry said in the statement.
When used legally and ethically, a VPN is a valuable tool for consumers seeking online privacy. The safest and most effective VPNs – CNET advises against using free software — will not log your data, which means no one will be able to see your activity on the Internet. VPNs also hide your physical location by using a unique IP address, making it appear as if you are in a different country than the one you are in. Many people use VPNs to watch online content that is geo-restricted to their actual country of residence.
But, as CNET’s Attila Tomaschek writes“total anonymity” is impossible, even with the best VPNs. They can help provide some privacy, but so much of our data is accessible that a VPN will never be able to give you “a blanket invisibility cloak on the Internet,” he says.
Forums on cybercrime and fake identities
In the press release, the Treasury Department said Rashevskyi and First VPN began promoting their services in 2014 on various online cybercrime forums. First VPN said it does not record user identities or activities and will refuse to cooperate with law enforcement investigations into any possible illegal activity originating from the servers it rents to its customers.
The agency also said Rashevskyi used false identities to trick companies into selling him infrastructure that they would not have sold to him if they had known his true identity. Internet service providers have complained about illegal activities emanating from First VPN servers, the statement said.
According to the Treasury Department, ransomware criminals used infrastructure obtained from First VPN to attack U.S. businesses, financial services companies, hospitals and municipal governments.
Silayev, a Belarusian national, provided encryption And obscuration services to ransomware operators targeting the United States and allied entities, the Treasury Department said. These cryptocurrencies make malware appear as harmless files, thereby fooling the computer systems of companies and other institutions.
VPN Review – Our Top Picks
VPN Review – Other Services

Since becoming fascinated by the Cambridge coffee shop webcam in the 1990s, I’ve written about VPNs, the NFL, smartphones, decent salaries, plus/minus and everything in between. See full bio


























