Spamhaus DDoS suspect arrested in Spain
Posted on 29 April 2013.
The Spanish National Police has arrested a 35-year-old Dutch citizen who is suspected of being one of the individuals behind the recent massive DDoS attack launched against Spamhaus, an organization that tracks spam-related activity and provides a blacklist of IP blocks used by known spamming outfits for various anti-spam filters.

The man was arrested in his home in the city of Granollers near Barcelona, which functioned as a communication center. He has apparently been travelling around Spain in a van fitted with computer equipment, routers and antennae, using it as a mobile office.

During his arrest, he claimed to be a diplomat - the Minister of Telecommunications and Foreign Affairs of the Republic of Cyberbunker. The man is in the process of being deported to the Netherlands.

According to the BBC, the Dutch Prosecution Service released only the initials (S.K.) of the suspect, but according to sources familiar with the investigation, the suspect is Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker, which is located in an old NATO military bunker and offers so-called "bulletproof hosting" to questionable and illegal enterprises.

As a reminder: the attack against Spamhaus was apparently a form of retaliation for the organization putting most of Cyberbunker's IP blocks on its blacklists.

Kamphuis recently gave an interview in which he identified himself as a spokesperson for Stophaus, a "group of people that found themselves because they were all targeted by Spamhaus and blackmailed by Spamhaus in the past," but said that Stophaus members are not affiliated with Cyberbunker.

According to the spokesman for the Dutch Public Prosecution Service, the arrested man is suspected of a wide range of computer crimes - and the DDoS attack against Spamhaus is one of them.

A statement posted on Friday on Pastebin seems to confirm that the suspect is Kamphuis.

"We demand u to release Sven or we will indeed start the biggest attack u humans have ever experienced towards The Internet, and yourself. Anything and all connected will suffer and do you silly governments really think u can stop millions of human beings? U have no chance, AT ALL. We have seen and tested how weak the current security in The Netherlands is. Banks, airports, even your precious 'DigiD' was taken out within minutes. You have been warned," it said.
