Jump to content
Not connected, Your IP:

UrDN servers stolen

Recommended Posts

We're sorry to inform you that according to the following message from UrDN http://www.urdn.com.ua/ all the servers in the Kiev datacenter, including AirVPN servers, have been illegally stolen by Ukrainian "security services" SBU and should be released only after payment of a bribe.
We have no way to verify this message unfortunately, but in any case our servers, as you probably know, do not contain any log and/or any database and/or any sensitive information.
Therefore, Procyon and Theemim will not come back anytime soon, as UrDN declares that they will not pay any bribe/ransom to get back the servers.
If the message is truthful, we would like to express our complete solidarity with UrDN and condemn the acts of the Ukrainian "security services" SBU which would be identical to those of a criminal organization.

Kind regards
AirVPN Staff


29 October

The security service of Ukraine (SBU) has orchestrated a raid and stole all local servers and network equipments including machines which do not belong to us.

During the intervention the SBU prohibited us from calling lawyers and other legal assistance.

The SBU used falsified pseudo evidences of malware hosting to justify their operation. The purpose was to link us with the creating and the spreading ofmalwares.

Their actions are motivated by the search for money but UrDN has insignificants revenues and mostly sponsor nonprofit projects.

Those actions have became frequent over the previous months as the government developed new corruption schemes.

The SBU tried to sequestrate the team but we have been able to reach out for help. At the moment we have only limited ways to communicate but we will inform you on the situation. UrDN will never pay any bribe even if it could.

We will do our best to get the machines back.

It's with a lot of emotions that we would like to apology to all our friends and customers.

Share this post

Link to post

Dear AirVPN,


Is the security of the users affected (Cached AirVPN password)?

Keep up your good VPN Service!


Sent from my HM NOTE 1LTE using Tapatalk

Share this post

Link to post

What about the certificates and their keys on the stolen servers? Am I right in saying that anybody holding these certificates and keys can setup a fake AirVPN server?

Share this post

Link to post

The certificates aren't on the VPN servers, only OpenVPN, the certificates and what not is most likely on the server they use to host the site, including the authorization check gets verified on a main server, all they would then have to do is remove the IP address and deny those servers access that way it will not be part of the AirVPN Network anymore. Also wouldn't surprise me if there are daemons running that cleans the servers on intervals, if you read the home page you could see that they cycle it all the time that way old keys are also wiped, and the latest on the servers won't be working anymore.


(keep in mind this is how I'm sure it works, I won't actually know given that I don't have access to their servers)

Share this post

Link to post

people, please read the original message carefully.  Staff say the severs contain no "sensitive information".  I'm sure that means certs and keys are NOT compromised. 

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image

  • Create New...