All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Cyberbunker Germany raided 26.09.2019 (Sven Olaf Kamphuis / Herman Xennt)
Seems that the german DC of world famous bulletproof hoster cyberbunker.com (plus at least one location in NL) has been raided yesterday by the LKA (State Office of Criminal Investigations) with help of the GSG9 (holy shit, WTF?!) after 5 years of investigations. Seven people have been arrested. Four dutch men (59, 49, 33, 24), one german (23), one bulgarian (age?) and one german woman (52). 200 servers have been confiscated.
The DC was located in an ex-NATO bunker in Traben-Trarbach. There has been a press conference at 12:00, so I hope to get more details soon.
Website is not down but empty. Archive.org link (very interresting read! All of it g):
https://web.archive.org/web/20190427013220/http://cyberbunker.com/web/index.php
Supposedly these sites (drug markets) have been hosted there:
Cannabis Road
Wall Street Market
Fraudsters
Flugsvamp 2.0
orangechemicals
acechemstore
lifestylepharma
..And of course everything else that was typical for cyberbunker.
Can't yet find any english sources (and I just noticed that deepdotweb.com has been seized long ago, lol), so try to translate these:
English articles are popping up. Just search for "cyberbunker" in googles news tab.
Official press release:
https://www.presseportal.de/blaulicht/pm/29763/4386624
News article (warning: bild.de is a tabloid like "the sun" in UK):
https://www.bild.de/regional/frankfurt/frankfurt-aktuell/sieben-cyberkriminelle-festgenommen-was-geschah-im-nato-bunker-64982170.bild.html
Old article about the plans to build a new DC in that location:
https://www.volksfreund.de/region/mosel-wittlich-hunsrueck/erdwall-soll-vor-neugierigen-blicken-schuetzen_aid-6082178
Does anyone have more info? Anything heard through the grapevine?
Will they find a huge cannabis grow op MDMA lab again this time g ?
@William ?
Comments
It is already more than sick enough that such a datacenter existed in "Germany". I've known Cyberbunker for a long time, I thought their datacenter was only in Holland. In any case, they have only specified servers in "Holland". That the actual datacenter was in Germany, I didn't know either.
I don't understand how you can have the thoughts to host such sites on Germany. Everybody knows how Germany reacts to it. There cybercriminals are punished worse than rapists.
Their data center looked relatively clean. Equipment didn't seem to be bad either. I always thought they had bad equipment as their website looked.
I would recommend everyone not to host in Germany. Even if their servers are of high quality, there the servers are confiscated or taken offline with every small "hint". It can also be a fake hint that servers can be confiscated. Also copyright companies like GVU or others have accused for years of sites that actually had no connection with crime. Reminds me of the new Stasi in the modern age.
5 years of investigations... Isn't that roughly when Sven left jail
Wasnt it a MDMA labor the last time?
In their website they said it was in the Netherlands: https://web.archive.org/web/20190312133725/http://cyberbunker.com/web/location.php
It says on their website that the DC is the Bunker in NL but that is incorrect (atleast what i heard and read). That Dutch bunker is owned by the Company "Bunker-Infra". Cyberbunker didnt own the Bunker anymore since ... 2010?
Also look this:
starting at 03:55 the Bunker and the actual owners.
And at 14:30 they also mention Ecatel.
15:40 - Ecatel employee get mad, funny part.
-
They didnt ran under the name Cyberbunker anymore but instead "Calibour GmbH"
https://www.northdata.de/Calibour+GmbH,+Traben-Trarbach/Amtsgericht+Wittlich+HRB+42709
https://bgp.he.net/AS29090
https://www.spamhaus.org/sbl/listings/calibour.com ---> https://www.spamhaus.org/sbl/listings/zyztm.com
zyztm.com // calibour.com
Now that you mention it, I think yes. Maybe I just confused it with someone who suggested that growing weed in a DC would be perfect, because both usecases are so similar (the need for security, space, lots of electricity, ventilation/AC, no windows etc.)
BTW: They definately had a DC in NL too. I just don't know if they lost it due to the old raid/arrest/confiscation or a fire (wasn't there a fire or am I confusing things again?) or if they are still operating that too. The one in DE was the new one they have been talking about for years. EDIT: see HostSlick above
AS29090 and AS62454
DC in Germany and bullet proof never added up to me. I'm pretty sure thepiratebay at one point said they were hosted at the bunker.
in my personal opinion, it's too late raid because they hosted all kinds of shit and i do support the authorities in that matter.
http://www.cb3rob.org (=cyberbunker)
Hackernews thread: https://news.ycombinator.com/item?id=21091597
I've always wanted a bunker for a DC
@Jord build our own bunkers?
That would be a bit hard, I have no land. Plus it's so much easier if it's already built
nvm
@that_guy thanks, keep us updated about press conference.
I remember them from war with Spamhaus. Bunker owner is insane. Would be interesting to read AMA with him from jail.
Just found this video on youtube:
Theoretically it should be an overview of the datacenter even if I don't recognize it, if someone recognizes it let us know.
Sealand, lol.
Well that's german efficiency. The dutchmen took how many tries to enter their cyberbunker? 3?
Damn if I knew this earlier, at 2pm today one could go arround the location after the press conference
In a Spiegel article from today they say the LKA hacked the datacenter before entering it, lol.
Related: http://www.zyztm.com/
Pfft, not a real 'bunker'. This is a bunker. http://www.infobunker.com/overview.shtml
Real bunkers are made from Krupp steel.
Communism intensified
Damn, there goes my IPTV
IMO the question with those guys never was "whether" but only "when" they'd be taken down.
Their two big idiocies were (a) to have anything in Germany, and (b) to obviously be grey and probably a darker shade of grey - and to advertise that.
"Years of investigation" highly likely simply means that diverse authorities looked closely at their traffic and collected evidence for a series of other cases (users of theirs).
"The Most Secure & Reliable Data Center in Iowa"
"Ultra-Secure Colocation"
But failing to setup TLS on their website.
Seems Legit
(source: AP)
Hahaha! That's very funny anyway. Probably he doesn't even know what he's talking about, but it's also possible that the "super-secure" bunker actually had rather yester-decade security.
He's referring to the fact they hacked into the datacenter before even entering it physically.
So?
He he is either lying, probably due to lack of understanding, or the oh so great cyber bunker security was actually ridiculous. Just as I said.
German special forces were involved in the raid, wouldn't surprise me if the 'trusted external sources' that tells cert-bund about security vulnerabilities based on network traffic (read: BKA) was also involved.
Bear in mind that even modern security practices are rarely a match for first world nation attackers. The only sure way to be certain against that sort of thing is to bury your computer after destroying it. First world nations are not a good choice for adversary in any security model unless you intend to lose.
I'm not defending cyberbunker here - just stating it's not a slam dunk that they were using incorrect practices simply due to who they were up against - though if they were, it will just have been easier.