German police defeated hosting CyberBunker 2.0

The German police stopped work and defeated the criminals hosting CyberBunker 2.0, located in a real bunker of the Cold War times that is located on the territory of Rhineland-Palatinate land.

Investigators reported that as a result of a large-scale operation, they turned off about 200 servers in secure rooms, and also arrested seven people.

According to prosecutor Juergen Bauer, in 2013, suspects acquired a NATO bunker near the town of Traben-Trarbach and organized a bulletproof hosting in it, which provided space for hosting criminal sites.

CyberBunker 2.0 servers hosted drug sales resources, fraudulent sites, illegal trafficking platforms, and child pornography sites.

“The platforms it hosted included “Cannabis Road,” a drug-dealing portal; the “Wall Street Market,” which was one of the world’s largest online criminal marketplaces for drugs, hacking tools and financial-theft wares until it was taken down earlier this year; and sites such as “Orange Chemicals” that dealt in synthetic drugs”, — investigators say.

As the police found out, from this center the attack on Deutsche Telekom routers was coordinated, affecting about 900 thousand customers of the provider.

At present, 13 people are under investigation, of which three are German citizens and seven are from the Netherlands. During the special operation, law enforcement officials managed not only to seize the fortified bunker, but also confiscate about $ 41 million in cash, many mobile phones and storage media.

Read also: Experts first talked about WIBattack, a critical vulnerability in SIM cards

Suspects were detained in one of the restaurants in Schwalbach, near Frankfurt. Along with raids in Germany, searches were conducted in the Netherlands, Poland and Luxembourg.

The investigation did not disclose the names of the suspects, however, journalists managed to find out that the head of CyberBunker 2.0, according to investigators, was 59-year-old Dutchman Herman Johan Xennt, previously involved in the creation of a similar hosting. Since the late 1990s, he, together with the organizer of the largest DDoS attack in history, Sven Olaf Kamphuis, has been offering site hosting services on secure servers.

Criminals attracted customers with photos of their bunker in the Netherlands and claimed that there were servers, but in reality the images turned out to be fake. The underground facility has not been used as a data center since at least 2002, when there was a fire, and the entire infrastructure of CyberBunker 1.0 was in Amsterdam.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Check Also

Ragnar Locker and Virtual Machines

Ragnar Locker ransomware uses virtual machines to hide their actions

Sophos specialists found that Ragnar Locker malware operators use Oracle VirtualBox and virtual machines running …

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.