Bunker diagram. Pattern: German Police
is a pioneer of anonymous hosting, which began operations in 1998. The company has placed servers in one of the most unusual places: inside the former underground NATO complex, built in 1955 as a protected bunker in case of a nuclear war.
Customers queued up: all servers were usually busy, despite the inflated prices: VPS cost from β¬100 to β¬200 per month, excluding installation fees, and VPS plans did not support Windows. But the hoster successfully ignored any DMCA complaints from the United States, accepted bitcoins and did not require any personal information from customers, except for an email address.
But now the βanonymous lawlessnessβ has come to an end. On the night of September 26, 2019, soldiers of the German special forces and police . The seizure was made under the pretext of combating child pornography.
The assault was not easy, since the bunker is located in a hard-to-reach place in the forest, and the data center itself is located several levels underground.
About 650 people took part in the operation, including law enforcement officers, rescue services, firefighters, medical personnel, drone operators, etc.
The entrance to the bunker can be seen next to the three buildings on the top left of the photo. In the center is a communication tower. On the right is the second building of the data center. Photo taken from a police drone
Police before entering the bunker after the start of the operation
The captured object is located near the town of Traben-Trarbach in the southwestern part of Germany (Rhineland-Palatinate, capital Mainz). Four underground floors of the bunker go 25 meters deep.
Prosecutor Juergen Bauer told reporters that the anonymous hosting activity had been under investigation for several years. The operation was carefully planned. Simultaneously with the assault, seven people were detained in a restaurant in Traben-Trarbach and in the city of Schwalbach, near Frankfurt. The prime suspect is a 59-year-old Dutchman. He and three of his compatriots (49, 33 and 24 years old), one German (23 years old), a Bulgarian and the only woman (German, 52 years old) were detained.
Searches were also carried out in Poland, the Netherlands and Luxembourg. In total, about 200 servers, paper documents, numerous data carriers, mobile phones and a large amount of cash (approximately $41 million in equivalent) were confiscated. Investigators say it will take several years to analyze the evidence.
Operator's workplace in the bunker
During the raid, German authorities also seized at least two domains, including the domain of the Dutch company ZYZTM Research (zyztm[.]com) and cb3rob[.]org.
According to the authorities, the aforementioned Dutchman purchased the former military bunker in 2013 - and turned it into a large and well-secured data center "to make it available to customers, according to our investigations, exclusively for illegal purposes," Bauer added.
In Germany, a hoster cannot be held liable for hosting illegal websites unless it can be proven that he knew and supported the illegal activity.
The former NATO facility was purchased from the Bundeswehr's geo-information unit. Press releases at the time describe it as a 5500 mΒ² multi-storey defensive structure. It has two adjacent office buildings with an area of ββ4300 mΒ², the total area of ββββbuildings occupies 13 hectares of land.
Regional Criminal Police Chief Johannes Kunz added that the suspect was "connected to organized crime" and spent most of his time in the area, although he applied to move to Singapore. Instead of emigrating, the owner of the data center supposedly lived right in an underground bunker.
In total, thirteen people aged 20 to 59 are under investigation, including three German citizens and seven Dutch citizens, Brouwer said.
Seven were taken under arrest because there is a possibility of their flight from the country. They are suspected of participating in a criminal organization, tax violations, as well as complicity in "hundreds of thousands of crimes" related to drugs, money laundering and forged documents, as well as complicity in the distribution of child pornography. The authorities did not name a single person.
Investigators described the data center as "bulletproof hosting" designed to hide illegal activity from the eyes of the authorities.
"I think it's a huge success ... that we've been able to put a police force in the bunker complex at all, which is protected at the highest military level," Koontz said. βWe had to overcome not only real or analog protections, but also break the digital protection of the data center.β
Server room in the data center
Among the illegal services allegedly hosted in the German data center were Cannabis Road, Flight Vamp 2.0, Orange Chemicals and the world's second largest drug platform Wall Street Market.
For example, there were 87 illegal drug dealers on the Cannabis Road site. Overall, the platform has processed at least several thousand sales of cannabis products.
The Wall Street Market platform has processed approximately 250 drug transactions with sales of over 000 million euros.
Flight Vamp is considered to be Sweden's largest drug trafficking site. The search for its operators is carried out by the Swedish investigating authorities. According to the investigation, 600 sellers and about 10 buyers were registered there.
Synthetic drugs of various kinds were distributed throughout Europe through Orange Chemicals.
Probably, now all the listed stores will have to move to another hosting on the dark web.
The late 2016 botnet attack on the German telecommunications company Deutsche Telekom, which disabled about 1 million customer routers, also came from servers in CyberBunker, Bauer said.
When the bunker was bought in 2013, the buyer did not immediately identify himself, but said that he was associated with CyberBunker, the operator of a similar Dutch data center located in another Cold War bunker. This is one of the oldest anonymous hosting in the world. He declared the independence of the so-called "Republic of Cyberbunker" and the readiness to host any site, except for child pornography and everything related to terrorism. The site is currently unavailable. On a proud inscription from law enforcement agencies flaunts: βServer confiscatedβ (DIESE SERVER WURDE BESCHLAGNAHMT).
According to , Zyztm[.] com was originally registered to Herman Johan Xennt from the Netherlands. The Cb3rob[.]org domain was owned by an organization that was hosted by CyberBunker and was registered to Sven Olaf Kamphuis, a self-proclaimed anarchist convicted several years ago for participating in the aforementioned large-scale attack that briefly disrupted the Internet in some places.
The alleged owner and operator of the cyberbunkers is Hermann Johan Xennt. Image: The Sunday World, July 26, 2015
Xennt, 59, and Camphuis worked together on a previous "bulletproof" hosting project, CyberBunker, which was housed inside a military bunker in the Netherlands. information security researcher Brian Krebs.
According to the director of the company Guido Blaauw, he bought a 1800 mΒ² Dutch bunker from Xennt in 2011 for $700. Probably after that, Xennt found a similar facility in Germany.
Guido Blaau claims that after the fire in 2002, when an ecstasy laboratory was found among the servers in a Dutch bunker, not a single server was hosted there: βFor 11 years they told everyone about this ultra-safe bunker, but [their servers] were hosted in Amsterdam, and for 11 years they scammed all their customers."
Batteries in the CyberBunker 2.0 data center
However, the Cyberbunker Republic was revived in 2013 on German soil, and entrepreneurs began offering many of the same services, to the same customers, as before: βThey are known for accepting scammers, pedophiles, phishers, anyone, Blaau said. "That's what they've been doing for years and they're known for it."
CyberBunker was part of . They are subject to specific requirements, including a guarantee of customer anonymity. Although the Cyberbunker is no more, other secure and anonymous hosts continue to work. They are usually physically located outside of US jurisdiction, in offshore zones, and declare maximum privacy. Below, the services are arranged by position in the rating of the anime lovers website:
- CyberBunker.com
Anonymous hosting in literature
Former Facebook profile photo . After his arrest in 2013, he spoke rudely to the authorities and
The story of the Republic of Cyberbunker and other offshore hosting sites is somewhat reminiscent of the fictional state of Kinakuta from the novel Neil Stevenson. The novel is written in the genre of "alternative history" and shows in which direction the development of mankind could go with a slight change in the input parameters or as a result of chance.
The Sultanate of Kinakuta is a small island in the corner of the Sulu Sea, in the middle of the strait between Kalimantan and the Philippine island called Palawan. During World War II, the Japanese used Kinakuta as a springboard to attack the Dutch East Indies and the Philippines. There was a naval base and an airfield. After the war, Kinakuta regained its independence, including financial independence, thanks to oil reserves.
For some reason, the Sultan of Kinakuta decided to make an "information paradise" out of his state. A law was passed that applies to all telecommunications passing through the territory of Kinakuta: βI renounce all administrative power over information flows within the country and across its borders,β the ruler announced. Under no circumstances will the government stick its nose into the flow of information or use its power to restrict these flows. This is the new law of Kinakuta." After that, a virtual state of the Krypt was created on the territory of Kinakuta:
Crypt. The "real" capital of the Web. Heaven for hackers. The nightmare of corporations and banks. "Enemy number one" of ALL world governments. There are no countries or nationalities on the network. There are only FREE people who are ready to fight for their freedom!..
Neil Stevenson. "Cryptonomicon"
In terms of modern realities, offshore anonymous hosting is a kind of Krypta - an independent platform that is not controlled by world governments. The novel even describes a data center in an artificial cave (the information "heart" of the Crypt), which is a bit like the German Cyberbunker:
There is another hole in the wall - apparently, several side ones branch off from this cave. Tom leads Randy there and almost immediately takes a warning by the elbow: there is a five-meter well ahead, a wooden staircase goes down.
βWhat you just saw is the main switch room,β says Tom.
- When it is finished, it will be the largest router in the world. We will place computers and a storage system in adjacent rooms. In fact - the largest RAID in the world with a large, large cache.
RAID stands for Redundant Array of Inexpensive Disks, a way to securely and cheaply store large amounts of information. Just what you need for an information paradise.
βWe are still expanding the adjacent rooms,β Tom continues, βand we stumbled upon something there. I think you will be interested. He turns and starts down the stairs. βDo you know that the Japanese had a bomb shelter here during the war?β
Randy has a xeroxed map from the book in his pocket. He takes it out and brings it to the light bulb. Of course, high in the mountains is marked "BOMB-SHELTER ENTRANCE AND COMMAND POST".
Neil Stevenson. "Cryptonomicon"
Crypto has occupied the same ecological niche that Switzerland occupies in the real financial world.
In reality, organizing such an βinformation paradiseβ is not as easy as in literature. However, in some aspects Stevenson's alternative history is gradually coming true. For example, today a significant part of the international communications infrastructure, including submarine cables, is no longer owned by governments, but by private corporations.
Only registered users can participate in the survey. , you are welcome.
Should anonymous hosting be banned?
-
Yes, it's a hotbed of crime
-
No, everyone has the right to anonymity
1559 users voted. 316 users abstained.
Source: habr.com