SnakeMasteR Posted April 26, 2013 Share Posted April 26, 2013 Police arrest suspect accused of “unprecedented” DDoS attack on SpamhausSpanish authorities have arrested a 35-year-old Dutchman they say is "suspected of unprecedented heavy attacks" onSpamhaus, the international group that helps network owners around the world block spam.A press release (English translation here) issued by the Dutch Public Prosecutor Service identified the suspect only bythe initials SK and said he was living in Barcelona. A variety of circumstantial evidence, mostly taken from this Facebook profile,strongly suggests the suspect is one Sven Olaf Kamphuis. He's the man quoted in a March 26 New York Times article saying aDutch hosting company called CyberBunker, which Kamphuis is affiliated with, was behind distributed denial-of-service attacksaimed at Spamhaus. Kamphuis later denied he or CyberBunker had anything to do with the attacks.With peaks of 300 gigabits per second, the March attacks were among the biggest ever recorded. Besides their size, they werealso notable because they attacked the London Internet Exchange, a regional hub where multiple networks from different serviceproviders connect. As Ars writer Peter Bright explained, the size and technique threatened to clog up the Internet's core infrastructure and make access to the rest of the Internet slow or impossible. While some critics said that assessment wasoverblown, Bright provided this follow-up explaining why the attacks had the potential to break key parts of the Internet.The crippling distributed denial-of-service (DDoS) attacks began a few weeks after Spamhaus added CyberBunker to one of thereal-time blacklists that ISPs use to block e-mail from networks suspected of engaging in, or at least turning a blind eye to, thesending of spam. CyberBunker has long been known as an "anything goes" host provider. As long as content isn't "child porn andanything related to terrorism," the company permits it. According to an article published Friday by KrebsOnSecurity, Spamhausofficials contacted CyberBunker after seeing botnet controllers and illegal pharmaceutical operators hosted on its service. "We gota rude reply back, and he made claims about being his own independent country in the republic of CyberBunker, and said he wasnot bound by any laws and whatnot," an unnamed Spamhaus official told reporter Brian Krebs. Kamphuis' Facebook page hasalso claimed he has diplomatic immunity.It should be emphasized that so far there is no official confirmation that the SK in custody is Kamphuis. Even if it is, he should stillbe presumed innocent until proven otherwise. Dutch prosecutors said SK's Barcelona residence was searched and computers,data carriers, and mobile phones were seized. They also said they expect SK to be transferred to Dutch authorities soon. We'll beeager to learn if there's evidence that can conclusively tie the man to one of the biggest reported DDoS attacks ever.SOURCE Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.