The Patriot Files Forums  

Go Back   The Patriot Files Forums > Military News > International

Post New Thread  Reply
 
Thread Tools Display Modes
  #1  
Old 10-02-2019, 10:10 AM
Boats's Avatar
Boats Boats is offline
Senior Member
 

Join Date: Jul 2002
Location: Sauk Village, IL
Posts: 21,784
Cool Bulletproof host raided in former NATO bunker

Bulletproof host raided in former NATO bunker
BY: Michael Heller - Srn. Reporter for Search&Security - 10-2-19
RE: https://searchsecurity.techtarget.co...er-NATO-bunker

German authorities arrested seven in raid of bulletproof hosting company CyberBunker -- which was housed in a former NATO bunker -- for allegedly hosting dark web marketplaces.

Law enforcement officials in Germany shut down a bulletproof host operating out of a former NATO bunker and which was allegedly supporting various illegal websites.

The host taken down by German authorities late last week was known as CyberBunker. It was originally located in a former military bunker in the Netherlands, but moved to another NATO bunker in Traben-Trarbach, Germany around 2013. CyberBunker had only two exceptions in its rules for customers: no content related to terrorism and no child pornography.

However, according to authorities, those were not hard rules because CyberBunker was accused of hosting child pornography sites in addition to a number of dark web marketplaces offering illegal drugs, stolen data and malware. In the raid, seven people were arrested and six other suspects connected to the bulletproof host are still at large.

A bulletproof host is a service provider sells itself on promising customers freedom to conduct any activities they wish and protection from law enforcement. The CyberBunker case demonstrates how difficult it can be to shut down bulletproof hosts even when they are located in U.S.-friendly nations that cooperate on law enforcement.

Leo Taddeo, former special agent in charge of the cyber division of the FBI's New York office and current CISO at hosting provider Cyxtera, said enterprises should be wary of bulletproof hosts because they are the launching pad for "many criminal and even nation-state cyberattacks."

"Cyber criminals and spies prefer bulletproof hosts to launch their attacks because a bulletproof host can add a layer of anonymity," Taddeo told SearchSecurity. "A BPH that is located in a jurisdiction that has lax enforcement will also be more resilient against law enforcers."

Bob McArdle, senior threat researcher at Trend Micro, said that beyond enabling the distribution of drugs or child porn, bulletproof hosts can be used for command and control infrastructure.

"Where it makes a big difference is on any regulatory body or law enforcement that is attempting to take down long-term criminal infrastructure that is hosted somewhere that is non-responsive, or is actively ignoring them," McArdle said. "Simply put, they are either run by organizations that have actively decided to ignore or resist any law enforcement requests, or are in a country with weak cybercrime laws that mean they are under little or no obligation to comply."

Taddeo added that because bulletproof hosts don't care what is hosted on their infrastructure, it is "hard for enterprises to use legal channels to shut down the sources of attacks."

German authorities said in a press conference that CyberBunker hosted the Wall Street Market, which was the second largest dark web marketplace before it was shut down in April, as well as the Cannabis Road marketplace and more. It's unclear how long German law enforcement was investigating CyberBunker or why authorities finally raided the company's data center after operating for so many years.

In the past, CyberBunker was known to host The Pirate Bay and Wikileaks, but one of the more infamous connections was with a huge DDoS attack against anti-spam website Spamhaus. Following an argument, CyberBunker was blacklisted by Spamhaus and alleged protesters hit Spamhaus with what was possibly the largest DDoS attack recorded at the time, and large enough that it even knocked Cloudflare offline.

Sven Kamphuis, who ran CyberBunker via his company CB3ROB, was arrested in 2013 in connection with the attack and convicted in the Netherlands, but did not serve jail time.

It is currently unclear if Kamphuis was one of the seven arrested in this raid of CyberBunker.

Guido Blaauw, director of Disaster-Proof Solutions, a company that renovates and resells old military bunkers, including the original CyberBunker location in the Netherlands, told SearchSecurity the German investigation may have been slowed down because "there was not much known about what was going on inside."

"I think they needed this long to obtain evidence in other ways (like collecting traffic, chats, baking information etc.)," Blaauw wrote via message. "The abuse mails from law enforcement and others are simply ignored [by Kamphuis.] This is their modus operandi since 1997 and it never changed."
__________________
Boats

O Almighty Lord God, who neither slumberest nor sleepest; Protect and assist, we beseech thee, all those who at home or abroad, by land, by sea, or in the air, are serving this country, that they, being armed with thy defence, may be preserved evermore in all perils; and being filled with wisdom and girded with strength, may do their duty to thy honour and glory; through Jesus Christ our Lord. Amen.

"IN GOD WE TRUST"
sendpm.gif Reply With Quote
Sponsored Links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

All times are GMT -7. The time now is 06:51 AM.


Powered by vBulletin, Jelsoft Enterprises Ltd.