The Dutch Public Prosecutor’s Office today announced that:
- Alleged Spamhaus DOS attacker Sven Olaf Kamphuis (35) has been arrested in Spain;
- He is now officially a suspect in relation to the attacks on Spamhaus;
- Computers and mobile devices have been seized;
- Eurojust has enabled the Team High Tech Crime in The Netherlands to get their hands on Kamphuis;
The Public Prosecutor’s Office specifically adds that:
There are no indications that the attack on SpamHaus is related to the recent cyber attacks on Dutch banks, payment processor iDeal and public services portal DigiD.
It is not clear just how Dutch authorities are already able to conclude this or anything else for that matter, as the suspect has yet to be handed over to them and relevant data on the confiscated devices may not have been investigated just yet.
Also, in addition to Kamphuis, the Spamhaus organization may have had more enemies, eager to join relevant campaigns. Those enemies may have shared an ideology which would make it logical for all of them to join forces (something which Kamphuis pretty much indicated himself in various interviews)…and perhaps they could have decided to act against more than just one single adversary…
To illustrate this:
Russian Business Network
The Russian Business Network (commonly abbreviated as RBN) is a multi-faceted cybercrime organization, specializing in and in some cases monopolizing personal identity theft for resale. It is the originator of MPack and an alleged operator of the now defunct Storm botnet.
The RBN, which is notorious for its hosting of illegal and dubious businesses, originated as an Internet service provider for child pornography, phishing, spam, and malware distribution physically based inSt. Petersburg, Russia. By 2007, it developed partner and affiliate marketing techniques in many countries to provide a method for organized crime to target victims internationally.
According to a since closed Spamhaus report, RBN is “Among the world’s worst spammer, malware, phishing and cybercrime hosting networks. Provides ‘bulletproof hosting‘, but is probably involved in the crime too”. Another Spamhaus report states, “Endless Russian/Ukranian funded cybercrime hosting [at this network].”
October 13, 2007, RBN was the subject of a Washington Post article, in which Symantec and other security firms claim RBN provides hosting for many illegal activities, including identity theft and phishing.
Dutch language news articles and press release:
Pictures And Video From Within The Spanish Hideout Of Cyberbunker Operator Sven Olaf Kamphuis
Cyberbunker Operator And DDOS Suspect Sven Olaf Kamphuis Operated From Bunker In Spain As Well As His Mobile “Hacker Van”
“It was all Photoshop,” says Guido Blaauw (aka Rik van Esser?), of Bunkerinfra Datacenters (fka Cyberbunker), and Kamphuis fled to Spain
It seems clear that the CB3ROB network hijacked one (or more) of the IP addresses of Spamhaus, and installed a DNS server there which incorrectly returns positive results to every query (Cyberbunker)
“Yo anons, we could use a little help in shutting down illegal slander and blackmail censorship project ‘spamhaus.org,’” Cyberbunker’s Sven Kamphuis wrote on his Facebook wall March 23
Current owner of “NATO bunker” – Bunkerinfra Datacenters – states that “Cyberbunker” and Sven Olaf Kamphuis have left the building
Let’s start with some truth. The “Cyberbunker attack” did reach upwards of 300 Gb/sec and is the largest recorded DDoS to date
The Cyberbunker Revisited: The American Dream, Swindlers, Aliases, Big Money, Fraud, Dope, Governments And…Terrorists?
In Spamhaus’s view, cb3rob is the worst spam ISP in the world (Cyberbunker)
How Spamhaus’ attackers turned DNS into a weapon of mass destruction (Cyberbunker)
Cloudflare reveals details of ‘world’s biggest’ cyber attack (Cyberbunker)
Blast From The Past: “I guess all I can say is I’ll take what I can get” (Cyberbunker, Sven Olaf Kamphuis, CB3ROB, XTC, Porn, Pirate Bay, WikiLeaks, Fake WHOIS, Leaked Prefix, IP Tunnel)
The sheer scale of the attack by Cyberbunker is having an impact on services like Netflix and could eventually affect banking, email and other systems
Cyberbunker’s Sven Olaf Kamphuis To SpiegelOnline: “I brought in a few of my customers (…) and then it all started”
Five national cyber-police-forces are investigating the unprecedented Denial of Service attacks by Cyberbunker
Cyberbunker’s Sven Olaf Kamphuis: “They (SpamHaus) Think That They Are In Charge On The Internet, But WE Are In Charge”
Has Cyberbunker Launched The Largest Publicly Announced DDoS Attack In The History Of The Internet?
A2B Internet to sue Spamhaus for extortion. Spamhaus accused of threatening A2B and its customers with “Denial of Service” attacks if A2B would refrain from taking action against “Pirate Bay and WikiLeaks hoster” Cyberbunker / CB3ROB