Operating since 2004, yet another "cybercrime anonymization" service is using the bandwidth of legitimate data centers in order to run its VPN/Double/Triple VPN channels service which it exclusively markets in a "it's where you advertise your services, and how you position yourself that speak for your intentions" fashion.
Description of the service:
- Only we have the full support service to the date of the center, which prevents the installation of sniffers and monitoring.
- We do not use standard solutions, our software is based on the modified code.
- Only here you get a stable and reliable service.
Characteristics of Sites:
- Channel 100MB, total channels gigabita 1.2.
- MPPE encryption algorithm is 128 bit
- Complete lack of logs and monitoring - a guarantee of your safety.
- Completely unlimited traffic.
- Support for all protocols of the Internet."
On the basis of chaining several different VPN channels located in different countries all managed by the same service, combined with a Socks-to-VPN functionality where the Socks host is a malware compromised one, all of which maintain no logs at all, is directly undermining the usefulness of already implemented data retention laws. Moreover, even a not so technically sophisticated user is aware that chaining these and adding more VPN servers in countries where no data retention laws exist at all, would result in the perfect anonymization service where the degree of anonymization would be proportional with the speed of the connection. In this case, it's the mix of legitimate and compromised infrastructure that makes it so cybercrime-friendly.
In respect to the "no logs and monitoring for the sake of our customers security" claims, such services are based on trust, namely the customers are aware of the cybercriminals running them "in between" the rest of the services they offer, which and since they're all "on the same page" an encrypted connection is more easily established. However, an interesting perspective is worth pointing out - are the owners of the cybecrime-friendly VPN service forwarding the responsibility to their customers, or are in fact the customers forwarding the responsibility for their activities to the owners which are directly violating data retention laws and on purposely getting rid of forensic evidence?
Things are getting more complicated in the "cybercrime cloud" these days.