Second Crypto-Fueled Cyberbunker Seized by German Police for Dark Web Activities
In a series of raids on September 26th, the German Police took down a former NATO bunker that was home to hundreds of servers that were being used to host a wide range of Dark Web activities such as illegal drug trade, distribution of child pornography, document forgery, and sale of hacking tools. The Police also discovered $41 million worth of funds which are directly linked to these activities.
The bunker, now called the “Cyberbunker 2.0”, is located in the German town of Traben-Trarbach. Located within a 13-acre former military base, the 54,000-square feet, five-floor Cold War-era bunker was home to these three marketplaces: Orange Chemicals, Cannabis Road, and Wall Street Market. Wall Street Market is famous for being one of the world’s largest criminal marketplaces for hacking tools, drugs and financial data.
More than 600 police officers were involved in the raids in Germany, Netherlands, Luxembourg and Poland. The investigation targeted thirteen suspected members – 12 men, 1 woman, aged 20-59 – for running the bunker. Seven people have been arrested so far.
While the Police has refrained from naming any suspect, cybersecurity researcher Brian Krebs believes that the masterminds behind this bunker are Herman Johan Xennt and Sven Kamphius, two notorious hackers who’ve run a similar bunker before in the Netherlands. After their previous bunker exploded, they moved to Germany to setup Cyberbunker 2.0 sometime between 2012 and 2013.
An online attack that affected 1.25 million routers of German provider Deutsche Telekom in November 2016 was also controlled via a server located in this cyber bunker, the regional public prosecutor's office said.
Johannes Kunz, the regional criminal police chief said,
“I think it's a huge success…that we were able at all to get police forces into the bunker complex, which is still secured at the highest military level. We had to overcome not only real, or analog, protections; we also cracked the digital protections of the data center.”
The operation of the bunker hosting service isn't illegal per se which is why the German authorities would have to prove that the arrested were aware of the illegal nature of the hosted businesses to secure a conviction. Evaluating the stored data to determine this could take any amount of time-from a few months to several years.