The man was arrested in his home in the city of Granollers near Barcelona, which functioned as a communication center, and has apparently been circling Spain in a van equipped with computer equipment, routers, antennae and has been using it as a mobile office.
During his arrest, he claimed to be a diplomat - the Minister of Telecommunications and Foreign Affairs of the Republic of Cyberbunker. The man is in the process of being deported to the Netherlands.
According to the BBC, the Dutch Prosecution Service released only the initials (S.K.) of the suspect, but according to sources familiar with the investigation, the suspect is Sven Kamphuis, the owner and manager of Dutch hosting firm Cyberbunker, which is located in an old NATO military bunker and offers so-called "bulletproof hosting" to questionable and illegal enterprises.
As a reminder: the attack against Spamhaus was apparently a form of retaliation for them putting most of Cyberbunker's IP blocks on their blacklists.
Kamphuis recently gave an interview in which he identified himself as a spokesperson for Stophaus, a "group of people that found themselves because they were all targeted by Spamhaus and blackmailed by Spamhaus in the past," but said that Stophaus members are not affiliated with Cyberbunker.
According to the spokesman for the Dutch Public Prosecution Service, the arrested man is suspected of a wide range of computer crimes - and the DDoS attack against Spamhaus is one of them.
A statement posted on Friday on Pastebin seems to confirm that the suspect is Kamphuis.
"We demand u to release Sven or we will indeed start the biggest attack u humans have ever experienced towards The Internet, and yourself. Anything and all connected will suffer and do you silly governments really think u can stop millions of human beings? U have no chance, AT ALL. We have seen and tested how weak the current security in The Netherlands is. Banks, airports, even your precious 'DigiD' was taken out within minutes. You have been warned," it said.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.