Operation Saffron: Details and Scale
Europol, in collaboration with law enforcement agencies from 18 countries, conducted a major operation against First VPN, a cybercriminal service allegedly used to hide illicit activity. Under the Saffron operation, 33 servers were seized in 27 countries, over 500 users were identified, and raids were carried out, including in Ukraine. Participating nations—France, the UK, the Netherlands, Switzerland, and others—blocked First VPN's domains (1vpns.com, 1vpns.net, 1vpns.org) and its .onion version in the Tor network. The service's website now displays a law enforcement notice.
Characteristics of First VPN and Its Role in Cybercrime
First VPN positioned itself as a 'jurisdiction-free' service, promising complete anonymity without cooperation with authorities. The platform was heavily advertised on Russian-language forums linked to cybercrime. Investigators claim the service appeared in numerous recent investigations, and the operation was prepared for nearly five years. Authorities emphasized that 'bulletproof' VPNs differ from legal services: they ignore government requests and target the black market.
Debate on Digital Privacy and Regulation
The operation has reignited discussions about the limits of digital privacy. While the EU's legal framework guarantees online privacy, actual enforcement mechanisms remain fragmented across member states. European countries are debating new regulations for VPNs and internet communications, including data retention and expanded traffic monitoring. Critics warn that combating cybercrime could lead to broader internet surveillance.