KV Solutions BV have probably been raided
"Middelburg, Veendam, Amsterdam, Driebergen - The police has taken five servers offline that were used to control a version of a so-called botnet. The hardware was seized and the business operations stopped. A 24-year-old man from Veendam and a 28-year-old man from Middelburg were arrested on Tuesday evening. They are suspected of, among other things, computer breach and the spread of malware."
Their website is also offline and it does not seem to be a coincidence.
Comments
Servers from the sky
https://www.lowendtalk.com/discussion/comment/3018095#Comment_3018095
So many ends as of late.
RAID-0, RAID-1, or RAID-5?
RAID-666 apparently.
KV Solutions: Angelo Kreikamp (28 years old, Middelburg)
LifeHosting: Marco Bos (24 years old, Veendam)
Original post:
https://www.politie.nl/nieuws/2019/oktober/2/11-servers-botnet-offline.html
That's rather strange, they would only be arrested if they refused to cooperate or if they are part of this criminal activity. According to LinkedIn, this Angelo currently still works for PCextreme (a large Dutch provider).
https://www.zdnet.com/article/dutch-police-take-down-hornets-nest-of-ddos-botnets/
They have been under investigation for over a year. Doesn't surprise me one bit. Maybe they're not involved directly, but at the scale their network was enabling DDoS attacks, I would be surprised if they weren't aware.
If you know about illegal activity on your service and then don't do anything about it, eventually you will be held responsible.
They were very much aware and chose to ignore it.
That's what I thought. Never dealt with them, but judging by their clients and what was published in the Dutch press, it was one shady business.
I'm all for 'bulletproof' hosting, as there are legitimate reasons to need the extra protection, but this got ridiculous. Good riddance.
They had some "interesting" DNS records
https://bgp.he.net/net/185.244.25.0/24#_dns
One of them: niggershallbegay.google.com
WTF?!
sandniggawashere
cnc.ddos-with.me
host.bullethost.nl
herro.skid.com
kurdcapital
lol
https://bgp.he.net/net/185.244.25.0/24#_dns
https://www.abuseipdb.com/blog/kv-solutions-takedown