April 26, 2013

A 35-year-old Dutchman thought to be responsible for launching what’s been called “the largest publicly announced online attack in the history of the Internet” was arrested in Barcelona on Thursday by Spanish authorities. The man, identified by Dutch prosecutors only as “SK,” was being held after a European warrant was issued for his arrest in connection with a series of massive online attacks last month against Spamhaus, an anti-spam organization.

Facebook profile picture of Sven Olaf Kamphuis

Facebook profile picture of Sven Olaf Kamphuis

According to a press release issued by the Public Prosecutor Service in The Netherlands, the National Prosecutor in Barcelona ordered SK’s arrest and the seizure of computers and mobile phones from the accused’s residence there. The arrest is being billed as a collaboration of a unit called Eurojust, the European Union’s Judicial Cooperation Unit.

The dispute began late last year, when Spamhaus added to its blacklist several Internet address ranges in the Netherlands. Those addresses belong to a Dutch company called “Cyberbunker,” so named because the organization is housed in a five-story NATO bunker, and has advertised its services as a bulletproof hosting provider.

“A year ago, we started seeing pharma and botnet controllers at Cyberbunker’s address ranges, so we started to list them,” said a Spamhaus member who asked to remain anonymous. “”We got a rude reply back, and he made claims about being his own independent country in the Republic of Cyberbunker, and said he was not bound by any laws and whatnot. He also would sign his emails ‘Prince of Cyberbunker Republic.” On Facebook, he even claimed that he had diplomatic immunity.”

Cyberbunker's IP ranges. Its  WHOIS records put the organization in Antarctica.

Cyberbunker’s IP ranges. Its WHOIS records put the organization in Antarctica.

Spamhaus took its complaint to the upstream Internet providers that connected Cyberbunker to the larger Internet. According to Spamhaus, those providers one by one severed their connections with Cyberbunker’s Internet addresses. Just hours after the last ISP dropped Cyberbunker, Spamhaus found itself the target of an enormous amount of attack traffic designed to knock its operations offline.

It is not clear who SK is, but according to multiple sources, the man identified as SK is likely one Sven Olaf Kamphuis. The attack on Spamhaus was the subject of a New York Times article on Mar. 26, 2013, which quoted Mr. Kamphuis as a representative of Cyberbunker and saying, “We are aware that this is one of the largest DDoS attacks the world had publicly seen.” Kamphuis also reportedly told The Times that Cyberbunker was retaliating against Spamhaus for “abusing their influence.”

Also, a Facebook profile by that same name identifies its account holder as living in Barcelona and a native of Amsterdam, as well as affiliated with “Republic Cyberbunker.”

Mr. Kamphuis could not be immediately reached for comment.

70 thoughts on “Dutchman Arrested in Spamhaus DDoS

  1. IA Eng

    There will be many countries interested in the way this potential threat DOS’ed the Spamhaus organization. I have followed this event pretty closely.

    The Spamhaus orgainzation tries to remain unbiased about its findings and overall, they do a great job. they DO allow some time for cleanup of an intrusion or network issue before they add an IP, person or otherwise on the list.

    From what I read, the feedback from Spamhaus appeared as if they were affected byt the DoS attack, but not totally knocked down or TKO’ed.

    The countries will look over his equipment in earnest, since he was able to use DoS techiques that exceeded the stereotypical limits seen during other DoS attacks in the past.

    There are many countries that consider an attack via the internet that travels through their country illegal, and to even think he can create his own country and then simply leaving his so called regime and going shopping or traveling on the roads of another country utilizing their license plates, drivers credentials and other luxuary items without the thought of creating these services on his own.

    One step short of Looney Tunes, thinking that since he buys a building and can call it whatever it is, is fine, but once those actions turn into vile, unethical, unlawful and dangerous acts, one can only assume this would be the tip of the iceberg.

    I am glad they caught him in this semi-unvolitale state. If the would have waited much longer, it could have been alot worse. I am reluctant to say this, but this could have been a BIG player in the upcoming hacker event known as OP USA.

    Good job on catching this wanna be tyrant.

    1. saucymugwump

      “think he can create his own country and then simply leaving his so called regime and going shopping or traveling on the roads of another country utilizing their license plates, drivers credentials and other luxuary items without the thought of creating these services on his own.”

      The USA has this personality type in the Tea Party. These people claim that government is useless and demand that all taxes and regulations be abolished, and then, just like the above quoted text describes, they drive somewhere on roads that taxes paid for, drink water through pipes that taxes paid for, visit a library that taxes paid for, breathe air which is no longer full of toxic chemicals as it was in Donora in 1948 but only because of the Clean Air Act, etc. These people never put their money where their mouth is and move to Somalia, where there are no taxes or government regulations; of course, there is a good chance of being held for ransom or killed in the street, but one must follow one’s ideals, right?

      1. Steve

        Your comment strays far from the topic. Not surprising, since your comment shows that you live far from reality. In your defense, you could, of course, plead ignorance… the evidence certainly supports that plea.

            1. saucymugwump

              Off-topic, yes, that is somewhat true, though I did pick-up on something the previous poster said.

              Any imbecile can claim that someone’s words are nonsense.

          1. Steve

            There’s one right there: I have no afiliation with any Tea Party organization. But that’s enough; I don’t feed trolls.

            1. saucymugwump

              How convenient for you!

              P.S. A troll is someone who posts a controversial opinion and then never responds, hoping to create a flame-war. I post on many subjects and defend my opinions. I have a blog with pages and pages of well-researched commentary. Your definition of the word is not mainstream.

              1. IA Eng

                I got your back Saucy, the guy – and anyone who believes this guy is NOT wacko belongs in the same cell with him. I think it would take a mere hour for them to see the light.

                Commmon, you want to start your own country? Declare self immunity? Ignorance is bliss, but at who’s cost? You honestly think the country is willing to give up their soil to some wacko with issues?

                Plain and to the point, he definately belongs somewhere other than spewing forth vile material. It would have been just a matter of time before the really really BAD stuff gained a foothold on his servers.

                Its ok to defend someone when it doesn’t immediately affect you. But by God, stand by for the other dark side of the defenders if they were infected by this…. heap of stinking mess.

      2. Dalt

        Your hateful tone aside, no, the tea party does not advocate getting rid of all tax or all regulation. They simply fight to return the power for taxation and regulation back to the states rather than in the hands of the corrupt federal government.

        1. meh

          And give it to more corrupt states or corporations.

          As far as this topic is from the article, it is actually fairly related. Technology has replaced a lot of jobs and viable careers, and many people who would have been middle class now find themselves trapped outside the economy, outside of society.

          Chasing down and doing something about issues like spam, crime rings, swatting, etc requires a lot of cooperation across state and international borders, something the tea party crowd rejects and most of them fail to even start to comprehend. If the democrat’s message is one of unity, theirs is one of “me first”.

          1. Richard Draucker

            meh: “Technology has replaced a lot of jobs and viable careers, and many people who would have been middle class now find themselves trapped outside the economy, outside of society.”

            While it’s true that technology has replaced a lot of jobs and formerly viable careers, that isn’t the reason why many people who would have been middle class now find themselves trapped outside the economy.

            Technology has actually created more jobs and viable careers, different ones, but more. And let me clarify that many, if not most of them, pay better then the ones they replaced.

            There are only two things that have caused so many people who would have been middle class to be trapped outside the economy. The first and most obvious is the global economy.

            If you take two beekers of water or two separate group of wage earners. In one you put a low amount of water or low wages. In the other you put a high amount of water or high wages. Independently, they will function at the same level forever, but once you connect them with a pipe or undersea cable, they will seek equilibrium. That is, in part, what’s happening to American wages.

            The second part of what has happened is, given the opportunity to do so, many people from the high wage economy would use their resoures to take advantage of the greater buying power being achieved elsewhere. Thereby maintaining their own wage levels.

            However, as a result of Ronald Reagan restructuring the banking and financial industry in America, opportunity in America has all but dried up. The very idea of a family business is now something people think of as being from a simpler time in American history. There are no longer any family pharmacies, hardware stores, or dress shops. Now, there are only VC and market funded national chains offering paltry wages.

            Don’t blame technology for what’s happened to the middle class, blame Congress. It’s their fault, both Republican and Democrat are equally at fault. The Republicans want all the money going to their corporate cronies who line their pockets and the Democrats are quite happy to go along so they can make more people dependent on their handouts (resulting in more votes for them).

            To keep themselves in power, the politicians have carved up America into separate groups based on race, gender, belief, and wealth because they know, united we stand, divided we fall.

            1. Mike Molova

              Kids today are taught how to be a drone of some slave master they call a boss. They are taught how to be a good employee and that is about it. Is it any wonder our kids can’t do anything but live paycheck to paycheck and are constantly worried about losing their jobs?

              I reject the “Republicans are greedy SOB’s” mantra the media keeps portraying. The conservative classes want nothing more than for people to become strong and self reliant again. Self reliance however is not taught anymore. Collectivism and giving your life to the communist hive is all that is taught anymore. The economy will get worse and the rich/poor divide will become greater because our education system is as broken as it can be almost. More and more people will unfortunately turn to cyber crime to not only get rich and avoid the rat race. Nothing the liberal education camps are doing are preparing our kids for self reliance, freedom or faith. They teach kids to be parasites and it’s unfortunately what they become.

              1. meh

                Good points Richard,

                Mike, not so much –

                Your views are both off a bit because you fail to see the economy as a system, it is not a singular occurance but a dynamically changing entity that has been and can be shaped by taxes, national or state laws, and society.

                I disagree with your statement about ‘many more jobs’ being created… In fact many LESS jobs have been created, and the vast majority of what is created these days are low paying, no benefit type jobs. (I could link but its easily found).

                Infinite growth which our current system is based on is doomed to fail – with 7 billion people and 5 billion living in some form of poverty so 1300 billionaires can gorge themselves is not a viable model and as a result many millions around the world are getting fed up. What is interesting is how this affects global technology crimes and protests… Everything from spam to swatting to ATM skimming to identity fraud comes about because of one basic problem – the banks aren’t on the hook if your money goes missing. They frankly don’t care. They’re too busy out there bundling worthless batches of loans together and making billions in phantom profits to care about a few thousand of your dollars going missing.

                It is a crock that ‘conservative’ goals are to bring about self reliance and growth – mathmatically that simply cannot happen when we have less income mobility than most banana republics and virtually every law or goal they push for has one obvious result – further consolidation of wealth and power for those few at the top. Statistically someone born today has less chance of real success than in dozens of other time periods or current countries, and ignoring that bald fact won’t make someone working 3 jobs for minimum wage magically cast off all the systemically created problems that will keep him needing 3 jobs to get by for life.

    2. Richard Draucker

      “The Spamhaus orgainzation tries to remain unbiased about its findings and overall, they do a great job.”


      There is never any real evidence of spam. Spamhaus places IP addresses on their list based on nothing short of mob rule. Their so-called evidence of spam would never hold up in any court.

      The Spamhaus list is full of outdated IP addresses because Spamhaus has no standard system for removal of IP addresses.

      Nearly every IP address I’ve been assigned by hosting companies over the past several years has needed to be removed from the Spamhaus list.

      At the same time, IP addresses from large corporations are never added to the Spamhaus list. Currently, the Amazon AWS system is THE major source of spam and hacking. Yet no amount of complaints or evidence is enough to cause Spamhaus to take action.

      Spamhaus expands it’s customer base of Internet Service Providers through intimidation by threatening anyone who refuses to buy their list with being added to it.

      That’s the real reason they went after Cyberbunker, which won a lawsuit against Spamhaus for forcing Cyberbunker’s backbone suppliers to withhold service without valid evidence of spam.

      1. IA Eng

        “Nearly every IP address I’ve been assigned by hosting companies over the past several years has needed to be removed from the Spamhaus list. ”

        Just because you follow the footsteps of the illicit when it comes to using an IP, means there has to be a change of thought. If one keeps falling into the same hole, and blaming others, who’s fault is that?

        And just think….hummmmm if you would have used Spamhaus as a research tool BEFORE you bought into a bogus IP, MAYBE it could have prevented the pitfalls.

        Hopefully, the light will come on one day.

        1. Richard Draucker

          “If one keeps falling into the same hole, and blaming others, who’s fault is that? hummmmm if you would have used Spamhaus as a research tool BEFORE you bought into a bogus IP,”

          Why are you commenting? Either you don’t know anything about the Internet, hosting, and IP addresses or you’re a shill for Spamhaus. So, to clarify the facts for readers…

          Hosting subscribers don’t choose IP addresses. You’re automatically assigned an address via a web based interface (typically WHM) when setting up an account. Since you neither know what the IP address will be ahead of time nor have any choice in what it will be, there is nothing to research.

          Can you whine to your hosting provider to have an address changed if it turns out to be on the Spamhaus list? Sure, but the next one assigned will probably be on the list too.

          Almost all open IPv4 addresses were used by spammers at some point in time because, once an IP address is blocked, spammers just change addresses and move on, leaving a trail of blocked addresses behind them.

          Hosting providers have what they have. IPv4 addresses are in short supply and rotated to new customers when they’re abandoned by prior customers. Since Spamhaus doesn’t monitor blocked addresses for change of ownership and has no system to determine whether an address is no longer being used for spam. Hosting customers are left to repeatedly live through the nightmare of getting newly assigned addresses unblocked. It’s a process that, in the case of the ATT network, typically takes up to 3 months during which you can’t email any of their subscribers.

          The fact that nearly all open IPv4 addresses are already on the Spamhaus list proves that the very basis of the Spamhaus system is flawed. It’s little more than a scam which the large corporations support because Spamhaus never blocks their IP addresses, so it helps them limit competition from small business owners.

          The entire RBL concept is flawed and should be replaced.

          1. SeymourB

            I have a real solution to you, and it doesn’t even involve replacing the functional RBL system… get a hosting provider that doesn’t accept spammers.

            Seriously, these guys jump from ISP to ISP, getting banned as they go, but they’re always the same group of ISPs. But stay out of that group and you’ll have no problem.

            Unless, of course, you’re running the sort of business that’s getting legitimately blacklisted for your actions. In which case too bad.

            1. Richard Draucker

              “Your complaining about the IPs being listed, and why do you THINK (at least I hope you do) they got put on that list in the first place? ”

              Let be clear, they got put on the list because some jerk decided to report the business using the IP address. That happens to be one of the key issues with the Spamhaus list. It’s simply not valid. Anyone can say anything they want to about a business, that doesn’t make it true. Spamhaus fails to properly investigate allegations and doesn’t notify those accused that they have been targeted.

              Once added, those IP addresses never get removed from the list. As a result, the Spamhaus database is totally corrupt, full of IP addresses that at one time may or may not have been used for spam, but now sit idle waiting to taint some unsuspecting small business owner.

              In my case, I spent 2 years building a business to where I needed to upgrade my server. That resulted in the assignment of a new IP address that tainted my business as a spammer.

              Some small business owners get assigned such an IP the first time they sign up for hosting and don’t have the background or knowledge to know what to do.

              The bulk of IP addresses on the Spamhaus list were used by small business owners who send a few dozen emails weekly to likely prospects. There is a huge difference between a local retail business sending a few dozen emails to community residents versus a spammer who sends millions of emails per day. However, Spamhaus fails to differentiate between them, doesn’t notify the business that their IP address is in jeopardy, and has no transparent system for removal. The system is corrupt and broken.

              The suggestion that one should choose a hosting provider who doesn’t accept spammers is typical of the bogus excuse making Spamhaus uses to cover its extensive corruption. The typical hosting provider is a reseller who uses an automated system based on WHM. He doesn’t accept spammers. What he does accept are small business owners who at sometime decide to spend a few dozen “specials of the week” emails to likely prospects, resulting in his IP address being added to the Spamhaus list.

              In my case, my hosting provider was LiquidWeb, one of the largest and most respected hosting providers in the nation. They have thousands of customers. The idea that they can monitor and identify some small business owner sending a couple dozen “specials of the week” emails that result in his IP being added to the Spamhaus list is absurd.

              You can make all the excuses you want. The basic concept of the RBL isn’t valid, but Spamhaus makes it worse by being corrupt, readily adding IP addresses from small hosting providers while ignoring those from large companies such as Amazon AWS.

              Additionally, the problem of Amazon AWS isn’t some “misadventure” on my part. The problem is so well known that their entire IP address block is published on the web (just search Google) so they can be blocked at the htaccess level since Spamhaus is too corrupt to include them in their RBL.

              It’s simple, Spamhaus is run by egotistic degenerates who have a failed business model they perpetuate by attacking anyone who exposes their incredibly corrupt practices, just as you have attempted to attack me.

              Corrupt people like you always believe everyone else is corrupt. I understand, it helps you avoid feeling bad about yourselves.

              1. Johnny

                So Richard, are you a spammer? Why do some people feel that they are entitled to email any random John Doe on the Internet to sell them whatever. It’s lazy people who don’t have real business leads.

                Our company is b2b, not retail, but we never read spam, it gets filtered to junk if we haven’t pre-approved the sender.

                We have our Phone and Fax #s on our website. People who can’t be bothered to call or fax us, are not considered potential customers or suppliers.

                Why would we correspond with some company via email, if they can’t be troubled to even call us? Random companies spamming on the Internet are not considered potential business partners at all.

                If someone has taken the time to learn about our business, and they feel we could mutually benefit each other, they call us. They don’t send canned spam email. That’s for lazy companies.

                1. Richard Draucker

                  Johnny, no I’m not a spammer, and I don’t support the use of high volume bulk email for marketing.

                  What I object to is Spamhaus, their founder, their employees, their methods, and their intent. They are nothing more than an anti-competition tool of the big corporations that support them.

                  I also think that people who object to being told about a product or service by a local business are being stupid and anti-American. You only take phone solicitations? Do you have any idea how many people object to phone calls?

                  The big corporations love to hear anti-direct mail and anti-spam rhetoric. That’s why they support Spamhaus, which only goes after legitimate small private business owners.

                  The big corporations know they don’t need to worry about competing against a small local hardware store if the only way for that hardware store can reach people is through a multi-million dollar national ad campaign.

                  Want to know where all the local hardware stores, family owned pharmacies, and neighborhood businesses have gone? You destroyed them. The only family owned businesses left in America are corporate franchises.

                  Go ahead, support Spamhaus and their corporate sponsors. Pretty soon you’ll be working for minimum wage or living off the government dole like so many others who were once in the middle class.

                  I’m the only person I know who didn’t support attacking Iraq. It would have been nice if others had wised up before the government spent a trillion dollars helping Iran get a new BFF. Similarly, it would be very nice if all of you would wise up about Spamhaus and other RBL operators before the middle class ceases to exist.

                  Reading beyond the press releases often takes real work. But try it sometime, you might be surprised to learn the real story.

      2. IA Eng

        either you are “one of them” or you have a delusional, disjointed fanatical way of thinking…. Nope, Sorry! cant be, Highly doubtful, I cannot be wrong. Nope, Don’t can what others have to say. Flame them and cause hate and discontent. Yep.

        Chris is right on, you will always work for someone else. You are probably fed up that others can make a difference. Carrying around a facial expression like you ate a pound of sour grapes after hitting your foot with a 10 pound mallet.

        I will do as many in the past do, simply ignore your comments and inputs, because at best, all I hear is an inner whining.

        1. Richard Draucker

          Now here’s something interesting…

          Reviewing the comments, two things become apparent. Those defending Spamhaus never use their own names. Additionally, they don’t actually defend Spamhaus, instead depending on personal attacks and a variety of invalid suggestions for how to avoid being caught up by it.

          That suggests that Spamhaus is too corrupt to defend directly or have your own name associated with.

    3. STOPhaus

      You are an obvious Spamhaus troll. First, no one has “caught” anyone. Sven was on every media channel in the world and was not hiding. Secondly, spamhaus sure as hell didn’t catch anyone and no one has been charged with anything. At this point, it very well could end with Sven being released very quietly and Spamhaus execs being arrested and convicted of federal terrorism crimes. You are the worst disinformationalist I have ever seen.

      A HUGE thanks to Xeroflux for providing such a detailed piece on how to handle groups like NANAE, Spamhaus, COINTEL, and other Disinformationalist organizations representing big corporations that are destroying the planet.

      [Link withheld for privacy]

      Twenty-Five Rules of Disinformation

      Note: The first rule and last five (or six, depending on situation) rules are generally not directly within the ability of the traditional disinfo artist to apply. These rules are generally used more directly by those at the leadership, key players, or planning level of the criminal conspiracy or conspiracy to cover up.

      1. Hear no evil, see no evil, speak no evil. Regardless of what you know, don’t discuss it — especially if you are a public figure, news anchor, etc. If it’s not reported, it didn’t happen, and you never have to deal with the issues.

      2. Become incredulous and indignant. Avoid discussing key issues and instead focus on side issues which can be used show the topic as being critical of some otherwise sacrosanct group or theme. This is also known as the ‘How dare you!’ gambit.

      3. Create rumor mongers. Avoid discussing issues by describing all charges, regardless of venue or evidence, as mere rumors and wild accusations. Other derogatory terms mutually exclusive of truth may work as well. This method which works especially well with a silent press, because the only way the public can learn of the facts are through such ‘arguable rumors’. If you can associate the material with the Internet, use this fact to certify it a ‘wild rumor’ from a ‘bunch of kids on the Internet’ which can have no basis in fact.

      4. Use a straw man. Find or create a seeming element of your opponent’s argument which you can easily knock down to make yourself look good and the opponent to look bad. Either make up an issue you may safely imply exists based on your interpretation of the opponent/opponent arguments/situation, or select the weakest aspect of the weakest charges. Amplify their significance and destroy them in a way which appears to debunk all the charges, real and fabricated alike, while actually avoiding discussion of the real issues.

      5. Sidetrack opponents with name calling and ridicule. This is also known as the primary ‘attack the messenger’ ploy, though other methods qualify as variants of that approach. Associate opponents with unpopular titles such as ‘kooks’, ‘right-wing’, ‘liberal’, ‘left-wing’, ‘terrorists’, ‘conspiracy buffs’, ‘radicals’, ‘militia’, ‘racists’, ‘religious fanatics’, ‘sexual deviates’, and so forth. This makes others shrink from support out of fear of gaining the same label, and you avoid dealing with issues.

      6. Hit and Run. In any public forum, make a brief attack of your opponent or the opponent position and then scamper off before an answer can be fielded, or simply ignore any answer. This works extremely well in Internet and letters-to-the-editor environments where a steady stream of new identities can be called upon without having to explain criticism, reasoning — simply make an accusation or other attack, never discussing issues, and never answering any subsequent response, for that would dignify the opponent’s viewpoint.

      7. Question motives. Twist or amplify any fact which could be taken to imply that the opponent operates out of a hidden personal agenda or other bias. This avoids discussing issues and forces the accuser on the defensive.

      8. Invoke authority. Claim for yourself or associate yourself with authority and present your argument with enough ‘jargon’ and ‘minutia’ to illustrate you are ‘one who knows’, and simply say it isn’t so without discussing issues or demonstrating concretely why or citing sources.

      9. Play Dumb. No matter what evidence or logical argument is offered, avoid discussing issues except with denials they have any credibility, make any sense, provide any proof, contain or make a point, have logic, or support a conclusion. Mix well for maximum effect.

      10. Associate opponent charges with old news. A derivative of the straw man — usually, in any large-scale matter of high visibility, someone will make charges early on which can be or were already easily dealt with – a kind of investment for the future should the matter not be so easily contained.) Where it can be foreseen, have your own side raise a straw man issue and have it dealt with early on as part of the initial contingency plans. Subsequent charges, regardless of validity or new ground uncovered, can usually then be associated with the original charge and dismissed as simply being a rehash without need to address current issues — so much the better where the opponent is or was involved with the original source.

      11. Establish and rely upon fall-back positions. Using a minor matter or element of the facts, take the ‘high road’ and ‘confess’ with candor that some innocent mistake, in hindsight, was made — but that opponents have seized on the opportunity to blow it all out of proportion and imply greater criminalities which, ‘just isn’t so.’ Others can reinforce this on your behalf, later, and even publicly ‘call for an end to the nonsense’ because you have already ‘done the right thing.’ Done properly, this can garner sympathy and respect for ‘coming clean’ and ‘owning up’ to your mistakes without addressing more serious issues.

      12. Enigmas have no solution. Drawing upon the overall umbrella of events surrounding the crime and the multitude of players and events, paint the entire affair as too complex to solve. This causes those otherwise following the matter to begin to lose interest more quickly without having to address the actual issues.

      13. Alice in Wonderland Logic. Avoid discussion of the issues by reasoning backwards or with an apparent deductive logic which forbears any actual material fact.

      14. Demand complete solutions. Avoid the issues by requiring opponents to solve the crime at hand completely, a ploy which works best with issues qualifying for rule 10.

      15. Fit the facts to alternate conclusions. This requires creative thinking unless the crime was planned with contingency conclusions in place.

      16. Vanish evidence and witnesses. If it does not exist, it is not fact, and you won’t have to address the issue.

      17. Change the subject. Usually in connection with one of the other ploys listed here, find a way to side-track the discussion with abrasive or controversial comments in hopes of turning attention to a new, more manageable topic. This works especially well with companions who can ‘argue’ with you over the new topic and polarize the discussion arena in order to avoid discussing more key issues.

      18. Emotionalize, Antagonize, and Goad Opponents. If you can’t do anything else, chide and taunt your opponents and draw them into emotional responses which will tend to make them look foolish and overly motivated, and generally render their material somewhat less coherent. Not only will you avoid discussing the issues in the first instance, but even if their emotional response addresses the issue, you can further avoid the issues by then focusing on how ‘sensitive they are to criticism.’

      19. Ignore proof presented, demand impossible proofs. This is perhaps a variant of the ‘play dumb’ rule. Regardless of what material may be presented by an opponent in public forums, claim the material irrelevant and demand proof that is impossible for the opponent to come by (it may exist, but not be at his disposal, or it may be something which is known to be safely destroyed or withheld, such as a murder weapon.) In order to completely avoid discussing issues, it may be required that you to categorically deny and be critical of media or books as valid sources, deny that witnesses are acceptable, or even deny that statements made by government or other authorities have any meaning or relevance.

      20. False evidence. Whenever possible, introduce new facts or clues designed and manufactured to conflict with opponent presentations — as useful tools to neutralize sensitive issues or impede resolution. This works best when the crime was designed with contingencies for the purpose, and the facts cannot be easily separated from the fabrications.

      21. Call a Grand Jury, Special Prosecutor, or other empowered investigative body. Subvert the (process) to your benefit and effectively neutralize all sensitive issues without open discussion. Once convened, the evidence and testimony are required to be secret when properly handled. For instance, if you own the prosecuting attorney, it can insure a Grand Jury hears no useful evidence and that the evidence is sealed and unavailable to subsequent investigators. Once a favorable verdict is achieved, the matter can be considered officially closed. Usually, this technique is applied to find the guilty innocent, but it can also be used to obtain charges when seeking to frame a victim.

      22. Manufacture a new truth. Create your own expert(s), group(s), author(s), leader(s) or influence existing ones willing to forge new ground via scientific, investigative, or social research or testimony which concludes favorably. In this way, if you must actually address issues, you can do so authoritatively.

      23. Create bigger distractions. If the above does not seem to be working to distract from sensitive issues, or to prevent unwanted media coverage of unstoppable events such as trials, create bigger news stories (or treat them as such) to distract the multitudes.

      24. Silence critics. If the above methods do not prevail, consider removing opponents from circulation by some definitive solution so that the need to address issues is removed entirely. This can be by their death, arrest and detention, blackmail or destruction of their character by release of blackmail information, or merely by destroying them financially, emotionally, or severely damaging their health.

      25. Vanish. If you are a key holder of secrets or otherwise overly illuminated and you think the heat is getting too hot, to avoid the issues, vacate the kitchen.

      Eight Traits of the Disinformationalist

      1) Avoidance. They never actually discuss issues head-on or provide constructive input, generally avoiding citation of references or credentials. Rather, they merely imply this, that, and the other. Virtually everything about their presentation implies their authority and expert knowledge in the matter without any further justification for credibility.

      2) Selectivity. They tend to pick and choose opponents carefully, either applying the hit-and-run approach against mere commentators supportive of opponents, or focusing heavier attacks on key opponents who are known to directly address issues. Should a commentator become argumentative with any success, the focus will shift to include the commentator as well.

      3) Coincidental. They tend to surface suddenly and somewhat coincidentally with a new controversial topic with no clear prior record of participation in general discussions in the particular public arena involved. They likewise tend to vanish once the topic is no longer of general concern. They were likely directed or elected to be there for a reason, and vanish with the reason.

      4) Teamwork. They tend to operate in self-congratulatory and complementary packs or teams. Of course, this can happen naturally in any public forum, but there will likely be an ongoing pattern of frequent exchanges of this sort where professionals are involved. Sometimes one of the players will infiltrate the opponent camp to become a source for straw man or other tactics designed to dilute opponent presentation strength.

      5) Anti-conspiratorial. They almost always have disdain for ‘conspiracy theorists’ and, usually, for those who in any way believe JFK was not killed by LHO. Ask yourself why, if they hold such disdain for conspiracy theorists, do they focus on defending a single topic discussed in a NG focusing on conspiracies? One might think they would either be trying to make fools of everyone on every topic, or simply ignore the group they hold in such disdain.Or, one might more rightly conclude they have an ulterior motive for their actions in going out of their way to focus as they do.

      6) Artificial Emotions. An odd kind of ‘artificial’ emotionalism and an unusually thick skin — an ability to persevere and persist even in the face of overwhelming criticism and unacceptance. This likely stems from intelligence community training that, no matter how condemning the evidence, deny everything, and never become emotionally involved or reactive. The net result for a disinfo artist is that emotions can seem artificial.

      Most people, if responding in anger, for instance, will express their animosity throughout their rebuttal. But disinfo types usually have trouble maintaining the ‘image’ and are hot and cold with respect to pretended emotions and their usually more calm or unemotional communications style. It’s just a job, and they often seem unable to ‘act their role in character’ as well in a communications medium as they might be able in a real face-to-face conversation/confrontation. You might have outright rage and indignation one moment, ho-hum the next, and more anger later — an emotional yo-yo.

      With respect to being thick-skinned, no amount of criticism will deter them from doing their job, and they will generally continue their old disinfo patterns without any adjustments to criticisms of how obvious it is that they play that game — where a more rational individual who truly cares what others think might seek to improve their communications style, substance, and so forth, or simply give up.

      7) Inconsistent. There is also a tendency to make mistakes which betray their true self/motives. This may stem from not really knowing their topic, or it may be somewhat ‘freudian’, so to speak, in that perhaps they really root for the side of truth deep within.

      I have noted that often, they will simply cite contradictory information which neutralizes itself and the author. For instance, one such player claimed to be a Navy pilot, but blamed his poor communicating skills (spelling, grammar, incoherent style) on having only a grade-school education. I’m not aware of too many Navy pilots who don’t have a college degree. Another claimed no knowledge of a particular topic/situation but later claimed first-hand knowledge of it.

      8) Time Constant. Recently discovered, with respect to News Groups, is the response time factor. There are three ways this can be seen to work, especially when the government or other empowered player is involved in a cover up operation:

      a) ANY NG posting by a targeted proponent for truth can result in an IMMEDIATE response. The government and other empowered players can afford to pay people to sit there and watch for an opportunity to do some damage. SINCE DISINFO IN A NG ONLY WORKS IF THE READER SEES IT – FAST RESPONSE IS CALLED FOR, or the visitor may be swayed towards truth.

      b) When dealing in more direct ways with a disinformationalist, such as email, DELAY IS CALLED FOR – there will usually be a minimum of a 48-72 hour delay. This allows a sit-down team discussion on response strategy for best effect, and even enough time to ‘get permission’ or instruction from a formal chain of command.

      c) In the NG example 1) above, it will often ALSO be seen that bigger guns are drawn and fired after the same 48-72 hours delay – the team approach in play. This is especially true when the targeted truth seeker or their comments are considered more important with respect to potential to reveal truth. Thus, a serious truth sayer will be attacked twice for the same sin.

  2. JimV

    Book him, Danno! (And then throw the entire book at him for a really long-time lockup somewhere unpleasant….)

  3. E.M.H.

    Correct me if I’m not reading this right, but apparently this guy ended up exposing himself and whatever botnet he managed to control for no more reason than to throw a tantrum?

    In a way, this guy self-selected out of the criminal pool and right into jail. He could’ve used that level of control for illicit profit, but instead used it to lash out at someone for no gain, and a helluva lot of loss.

    Don’t get me wrong; I’m not mourning his arrest. On the contrary, I’m celebrating it. It’s a good thing one of these guys went down. I’m just amazed that he wasn’t disciplined enough to figure out he could make money or accomplish other things from where he was at. Then again, he sounded like he was a bit off mentally, so maybe it shouldn’t be a surprise.

    1. Uzzi

      After Spamhaus caused de-peering his income source ran dry and I guess the botnet used to attack Spamhaus wasn’t his own…

      1. Joao

        He obviously had computers to confiscate, so he obviously had resources to launch an attack.

    2. Joao

      Being of mentally is no longer an excuse since it does not preclude launching an destructive attack.

    3. Joao

      Being off mentally is no longer an excuse since it does not preclude launching an destructive attack.

  4. saucymugwump

    “he made claims about being his own independent country in the Republic of Cyberbunker, and said he was not bound by any laws and whatnot.”

    Sounds exactly like the Muslim train bomber in Toronto who said that “all of those conclusions was taken out based on Criminal Code and all of us we know that this Criminal Code is not holy book, it’s just written by set of creations (i.e. non-Muslims).”

    Nuts will be nuts.

    1. Vee

      Like I said before on here, it goes no deeper than “this person will of course justify what they do because they did it and they liked doing it.” That kind of thinking can come about from a average person going “Well I’ll eat the last food item in the fridge so it isn’t wasted”, which is harmless justification. You start becoming desensitized, or have other things going on inside your head however, then it turns into “people die everyday, pressure cooker bombs are nothing to feel anything over” which is the mindset of Dzhokhar Tsarnaev. And then of course they’ll also latch onto any other idea that supports their behavior to further justify it.


      Basically, people like to justify things they do and not view themselves as faulty. Big shocker, huh?

  5. john senchak

    This Sven Olaf Kamphuis (SK) lowlife is highly delusional in his thinking. It’s kind of that grandiose , ” I’ll show you that I’m better mentality” that hard core hackers are known for. So anyway this shows yet again that hackers and cyber-criminals do eventually get caught and they are “not above the law”

    This cowardly prince has now been dethroned at the bunker

      1. saucymugwump

        “Crebs, its your fault”

        The spelling mistake is strange given that the crackers are probably Russian and the Cyrillic alphabet contains a ‘K’ pronounced as it is in English and a ‘C’ pronounced like an English ‘S’.

        1. Joao

          Maybe they’re not Russians. Maybe they’re Kambodians, Kook Islanders, Kroatians, Kubans, or even Kanadians redirecting to Kolombia, or just maybe they’re just Kooks!

  6. Uzzi


    “On 13 May 2010, the Hamburg District Court ordered an injunction against CB3Rob Ltd & Co KG (Cyberbunker) and its operator, Mr. Sven Olaf Kamphuis, restraining them from connecting The Pirate Bay site to the Internet. The injunction application was brought by the Motion Picture Association’s member companies.” (http://en.wikipedia.org/wiki/The_Pirate_Bay)

    The flag he’s showing belongs to the Pirate Party movement of which’s german and netherlands parties he is/was a member of… (http://en.wikipedia.org/wiki/Pirate_Parties_International)

    IMHO this DDOS was an act of cyberterrorism and he should be imprisoned whith his cybercriminal friends in his depeered bunker for the rest of his life breeding mushrooms. 😉

  7. Potato

    Sven is crazier than a snake’s armpit. Good riddance, too. He contributes nothing to the world.

  8. Kirk

    “Mr. Kamphuis could not be immediately reached for comment.” because he is detained! lol Krebs you’re awesome 🙂

  9. John

    Your article is loaded and we all know it. Spamhaus is not an RBL. They have an escalation process that they are not hiding and it clearly shows extortion procedures.

    Sven did not carry out any attacks and the mere fact that “the attacks started hours after the last ISP dropped Cyberbunker” should give you half the clues on that from the start.

    STOPhaus is nothing more than a group of people Spamhaus did wrong and/or are tired of the censorship practices and their apparent immunity to scrutiny through diverse shell company structuring.

    No one attacked Cloudflare. When an attack is targeted to a specified DNS record, it is the action of the person mitigating the attack that decides where the payload is distributed and how. Cloudflare made their own decisions and must accept the good consequences with the bad. They can not make poor admin decisions and then place blame on an attack that had nothing to do with them until they got in the middle of it.

    The attacks were carried out by attackers in countries where their actions were perfectly legal. Regardless of what your country’s laws are or even those of my country…in their country they are innocent by a lack of regulation against their actions.

    The attacks began on March 15th, but Spamhaus doesn’t want to be honest about being down for a week before going to Cloudflare and Cloudflare isn’t going to admit it took them 3 days of poor decisions before finally putting the DNS behind a reverse proxy.

    No one seems to want to talk about the fact that Cloudflare has over 50 listings on Spamhaus databases until they took a bullet for Spamhaus and in return, Spamhaus delisted all their IPs from their databases, regardless of the fact that Cloudflare is a well-known “spam support service” and claims to be a bullet-proof host themselves, which is exactly what Sven’s Cyberbunker was listed for to begin with.

    The whole corporate structure of Spamhaus stinks to high orbit and every Google search into their public records turns up more and more dirt. The only mystery in our eyes is why the media continues to act as if these facts are not true or not worthy of publication, but more so, why any media outlet would condone censorship in any way.

    We want to ask all media outlets…what if it were your media being censored?

    1. Potato

      Lots of claims, no citations. Thanks but no thanks.

    2. BrianKrebs Post author

      “STOPhaus is nothing more than a group of people Spamhaus did wrong and/or are tired of the censorship practices and their apparent immunity to scrutiny through diverse shell company structuring.”

      Here, let me fix that for you:

      “STOPhaus is nothing more than a group of bulletproof hosting providers and carders Spamhaus did wrong and/or are tired of the censorship practices and their apparent immunity to scrutiny through diverse shell company structuring.”

    3. Joao

      Gee, that’s kind of odd. You seem to know all about it, John! I wonder why that is? Inside info, I suppose??

      Bad Boy, Bad Boy! Whatchu gonna do? Whatchu gonna do, when they come for you???

  10. John Reedaw

    In case you may find it interesting, this is the justification for Operation StopHaus.


    Some will call it self-justification, others will say they were right to do so. I think that, like in life, there are greyish tones everywhere. I don’t support Opeation StopHaus, but at the same time I do believe SpamHaus strategies can be have extorsion traits if they end up focusing on someone innocent (yes, no one is always true, it can happen).

    1. Joao

      “…I think that, like in life, there are greyish tones everywhere….”

      Unfortunately, John, because of the threat of the ever increasing online criminal activity and terrorism, life is increasingly becoming a black and white issue.

      Consider that in the US torture, inprisonment w/o due process, and assassination of both foreign, and US, citizens has been approved of since the GWBush administration, and continues to be so.

      As this escalates, it will be very important to make it very clear that we are on the white side, and not even sympathetic to the black.

      Otherwise, we will inevitably be putting ourselves, and possible our families at risk. Is it worth it to make a point? Not for me.

      It’s been tried in N. Korea, and other such black & white regimes, but not too successfully. ;^)

  11. IA Eng

    Wooooooo. Man, this guy kept some strange company. The first URL is about stop house movement in Spamhaus.org’s opinion.


    The SECOND url is about his partner, his twisted ways of doing business. lets say 10% of what they say is true. Would you invite these guys over for tea?

    TRUCE ! Drop your guard for a second and enjoy some twisted entertainment on this second URL….hehehehehe. = )


    1. Richard Draucker

      Posting press releases from Spamhaus? Seems to me that makes you a spammer.

    2. IA Eng

      Click on his mug shot…wow… How is this guy not in white looney bin clothing?

      If you dig you will see many arrests, some dismissed, but at best, this is simply not “normal”.

      search court records for Stephens, Andrew
      he is Andrew J Stephens

      1. Richard Draucker

        Yeah, yeah, yeah…. we get it. You’re an employee of Scamhaus and you need, desperately, to have people believe your side of the story. But since you’re not really a legitimate organization, you’re only hope is to tar this fellow beyond belief.

  12. Uzzi

    Seems you’ve lost touch with reality…

    | The Spamhaus Project Organization:
    | 18 Avenue Louis Casai, CH-1209, Geneva, Switzerland
    | The Spamhaus Project Ltd. Registered Office:
    | 26 York Street, London W1U 6PZ, United Kingdom
    | A nonprofit company limited by guarantee.
    | Registered in London, England. Company No. 05303831.
    | Spamhaus and the Spamhaus Logo are Registered
    | Trademarks of The Spamhaus Project Ltd.

    (Source: http://www.spamhaus.org/organization/)

    1. Richard Draucker

      Legally organized and operating in a legitimate fashion are not the same thing. For example, having employees post spam comments and links to company press releases using untraceable screen names may be legal but it is hardly legitimate.

      Similarly, tarring small business owners who possess a single IP address auto-assigned by their hosting company while allowing Amazon AWS to operate the worlds largest spam and hacking operation without putting a single one of their IP addresses in your system is quite legal, but it’s simply not legitimate.

      Spamhaus is not a legitimate operation and every honest small business owner on the Spamhaus RBL who must deal with their email going to spam bins or not being delivered knows it.

      Clean up your database and introduce a transparent system for adding and removing addresses, and then you can claim you’re a legitimate operation. Until then, you’re no more legitimate than the spammers who operate from legally organized business entities.

      1. Chris

        If you’re this Richard Draucker (http://www.pkbusinessmarketing.com/lookupbook/) you’ve got some pretty dodgy business ethics yourself. And no, I’m not nothing to do with Spamhaus, just a regular Krebs reader who’s fed up with the broken nature of email, plus all the other dodgy seo, “fake directory” and other shysters out there.

        1. Richard Draucker

          So, you’re not affilated with Spamhaus, yet you post a link to discredit someone who exposes their corruption while ignoring this link…


          And then you reference the business mentioned as a “fake directory”. What exactly is a fake directory? Is that a directory of businesses that don’t exist?

          Let’s be clear, if you aren’t a Spamhaus employee or contractor, you’re at least a Spamhaus supporter who knows their practices aren’t legitimate and, lacking any valid means of defending them, you pull a classic “kill the courier” move.

          That’s pretty typical of Spamhaus shills.

          Judging by what I see in the media and on this and other comment threads, Spamhaus is spending big bucks to tar the guy who was arrested. Yet, so far, I haven’t seen anything posted that resembles evidence of his having done anything other than refuse to be bullied by Spamhaus and those of you on the the Spamhaus payroll.

          1. Joao

            Even if you believe everything your saying, do you expect us to believe that all of these small businesses are legit and not any spammers?

            I really, really dislike the behavior all spammers, highjackers, online criminals of all kinds, terrorists, and generally all the unethical opportunists that would do harm to others.

            I still respect them as people with spiritual value, but much can be learned in prison (I worked at one, and I certainly wouldn’t want to be put in one, but hard time offers its own growth opportunities ;^)

            Look at Kevin Mitnick. His attitude seems to have improved quite a bit. I didn’t like that fact that he was denied due process.
            But if you align yourself with the black side to make a point about injustice, good luck on that one these days.

            Anyone can suffer from being in the wrong place at the wrong time.

            I don’t like injustice, but I’ve been infected by foulware and lost a lot of data, time, energy and probably years of life expectancy, so it’s time something is done.

            And when that time comes, someone innocent always suffers, usually because of their own reactionary emotions and lack of precautions.

            Good luck.

            1. Richard Draucker

              Joao: “Even if you believe everything your saying, do you expect us to believe that all of these small businesses are legit and not any spammers?”

              No, of course not, but you really need to define the term spammer, and look at what percentage of spam comes from what sources.

              If a new business owner, a florist, whose past experience with the Internet is limited to looking up recipes and posting pictures to Facebook, sends two dozen emails to prospective customers, is she a spammer? Well, yes, but she isn’t the problem.

              The problem is the people behind the ever rotating IPs at places like Amazon AWS who send millions of emails daily for a variety of nefarious purposes. Those are the real spammers and they are responsible for more than 80% of all spam. Are they in the Spamhaus database? No.

              The Spamhaus database is dominated by those neighborhood florists while totally free of IP addresses for large corporations like Amazon AWS and ATT no matter how much spam comes from their networks.

              Spamhaus could easily clean up their database, they choose not to. They could easily send warning notices to small business owners prior to banning their IP, they choose not to. They could easily create an open and transparent system, they choose not to.

              They choose to ignore the sources of 80% of all spam while focusing on trivial small businesses that often don’t even think of what they are doing as spam.

              More importantly, rather than focusing on improving their system, whenever someone points out their corruption and lack of legitimacy, Spamhaus goes after the speaker. That’s why you see so many comments here attacking me, rather than defending the Spamhaus system.

              1. Johnny

                My neighborhood florists would send a mailer to my house,. They wouldn’t know I live near them via my personal email address? How would they know?

                If the florists are serious about wanting my business, they would research the demographic of my physical neighborhood. It costs them money to send out mailers, so they do proper research, unlike spammers.

                You’re just being silly now.

                I had never even heard of Spmahaus till this incident but now I’m glad they exist. Why should I waste time everyday dealing with you and the other lazy people like you, SPAM?

                How is Spamhaus corrupt and lack of legitimacy? You haven’t made any relevant points, since you seem to be a spammer.

                I’m all for Freedom of Speech and against censorship, as long as it happens on your website and not my Inbox. Of course if your Freedom of Speech is used for commerce activities, it can be regulated and many laws apply.

                1. Richard Draucker

                  Johnny – They wouldn’t know I live near them via my personal email address? How would they know?

                  They would know because you have done business with some other company that sold your information to a list broker who sold your information to the florist.

                  The average cost of B2C customer acquisition in America is in the hundreds of dollars, for B2B it can actually run into the thousands. Companies offset that cost by selling their list of customers.

                  Its pretty clear that few of the people defending Spamhaus have ever even heard of them. You just assume they must be good because, well, they’re against spam, and you’re against spam, so they must be good like you. And they do have such very nice press releases with lots of backing from the multinational corporations that are destroying the middle class.

                  It’s the same logic path Bush used to get approval for the invasion of Iraq and, gosh, that sure turned out well. The end result will be pretty much the sam… less competition, fewer jobs, lower wages, less opportunity, and higher taxes. But at least you won’t have to deal with spam or junk mail from local small business people, just spam from the fake pharmaceutical companies in India and Russia that Spamhaus doesn’t do anything about because they’re using the Amazon AWS system.

      2. IA Eng

        Whining about your misadventures with amazon is not going to cause Spamhaus.org to go away. It strengthens most of the comments your making. Your complaining about the IPs being listed, and why do you THINK (at least I hope you do) they got put on that list in the first place?

        You have any clue about network security? How quickly a scam can be brought online and listed in a major site like Amazon, Ebay or other B2B ? Hours. It takes less than 72 hours to knock them off line and ban that IP. It takes this thing called self-motivation to ask the right questions the right way to the right people to get the answers.

        I am not going to educate you on the ways of network security, FQDN, Hosting, Whois, Spamhaus and other agencies. Its truly not worth my time and effort. YOUR effort in the way of looking at items is the end result of what people think of you and at this moment, there isn’t much of a fan base in your corner.

        I’ll just put you on ignore. Chris, I think you hit the Bozo right on the head. It seems The topic at hand the potentially the person you are talking about have ethics issues ! Oh My… and at best … the ISP’s don’t want this….service so they are forced to go where others of their kind have traveled.

        AWESOME customer service there RD !!!

        I am going to go to spamhaus.org right now and see if this person is on the list as well ! hehehehehehe.

  13. Kern Wilson

    When you have the spam pimps so upset, as exhibited in some of the comments above, you know the pain of being shut down is felt in their wallet. Much of Brian’s work exposes these bottom feeders, criminals and looney criminals, who are exploiting the technology and the law for big money. You can expect the criminals to cry foul, or “censorship” or a variety of other crap when the rest of society refuses to pay for their daily harassments.

    Bottom line: spammers lost another battle. Expect more loses. You spam pimps cry me a river. No one is listening.

  14. Joao

    To all those who are posting here that are drawn to the black side:

    As I said, I’ve worked in a “correctional facility” and I can tell you that all the cons inside are suffering (even the ones who are preditory. Confinement, old age, sickness and death are all they have to look forward to.)

    One of the most common sayings from the cons was “if you can’t do the time, don’t do the crime!”

    If you’re young and “pretty”, aah, man, you don’t even want to know what those big, burley cons can do to you! The only way to prevent it is to kill someone, and that means you’ll be in there rest of your life, if someone doesn’t kill you first.

  15. Joao

    If you don’t think you’ll eventually regret getting sent up, you are really living in dreamland, bro!

    It’s easy to avoid this kind of suffering, you know. It’s called “right employment”, plus “right attitude”. Get a new job, and get a new attitude.

    It takes more guts to change an attitude than to keep it. It’s not easy to change, even when you make your mind up. I know. But it gets easier if you stick with it. It takes staying power.

    You think you’re tough? Try spending the next 50 years working on a better attitude! ;^)

  16. Joao

    Whether you Love him or whether you hate him, Brian sets a pretty good example by trying to do something positive with his life by helping others, and I, and a lot of others, appreciate it.

    So, what it boils down to is making a bad choice and convincing yourself that your too smart to get caught.

    Well, I feel for you, I really do. But I assure you that you will eventually get caught (either in this life, or the next. I know, you probably don’t believe in an afterlife. One thing’s for sure, you’ll have to find out, won’t you? Good luck when you have to look under your justifications for hurting others, and your buddies aren’t there to cheer you on & prop you up! Ouch!)

  17. Joao

    Whether you Love him or whether you hate him, Brian sets a pretty good example by trying to do something positive with his life, and I, and a lot of others, appreciate it.

    So, what it boils down to is making a bad choice and convincing yourself that your too smart to get caught.

    Well, I feel for you, I really do. But I assure you that you will eventually get caught (either in this life, or the next. I know, you probably don’t believe in an afterlife. One thing for sure, you’ll have to find out, won’t you? Good luck when you have to look under your justifications for hurting others, and your buddies aren’t there to cheer you on & prop you up! Ouch!)

  18. IA Eng

    In respect to the IPaddress above in Brian’s post, I found the AS numbers that relate to the range. The are:

    AS51787 ( CB3ROB)
    AS34109 ( CB3ROB)

    According to Robtex, the AS34109 is loaded with filthly websites.

    I will post the link to the Robtex website rather than SEO promote the filth:

    This is just 100 Randomly selected sites which are hosted at this IP/AS. If you hover over the links within Robtex, you usually are safe if the links stay within the Robtex domain. It can offer a wealth of information for those who care to dig into such things. Proceed with caution and at your own risk.

    1. Potato

      Exactly. And on the same note, have a look at this:


      According to sitevet, cyberbunker is ranked #43 for badness out of approximately 43,000 networks, making it dirtier than 99.9% of networks on the Internet…

      But let me guess, the fact that Spamhaus, SiteVet, and a bunch of other organizations all think cyberbunker is a cesspool is not reason to McColo as34109… instead it’s evidence of an Internet-wide “Jewish conspiracy” against Sven…. right? Because that makes more sense, right?

  19. Richard Draucker

    Potato: “According to sitevet, cyberbunker is ranked #43 for badness”

    First, for clarity, this reponse isn’t to suggest that Cyberbunker wasn’t a bad place. It’s ONLY to point out some irregularities with your source of that claim.

    Sitevet is new and clearly labeled as beta. It’s whois record shows a fake address at MyUS.com in Florida. My guess is the phone number is also fake, probably a Florida Skype number. Tellingly, Sunbiz.org (the Florida Secretary of State website) lists no business by the name of sitevet registered in the State of Florida.

    Note that, Spamhaus is well known for creating such fake entities which they then cite in their reports to support their claims against hosts and sites. I’m not claiming that’s the case here, I’m only making it clear that it could be. Who is SiteVet, really?

    That said, Sitevet seems to depend heavily on HE data. I’m not familiar with that, but looking at the site generating that data, I see they rank China as less of a risk than America, but list Russia as being the worst place in the world. My experience isn’t consistent with their data.

    No where in any of the data do I see what my own server logs tell me… The worst host in the world is Amazon AWS, which isn’t in any RBL, yet generates more bad traffic than all other sources combined.

    I’m obviously not alone in that. There are so many others with the same experience that the Amazon AWS IPs are published online so they can be blocked.

    FYI – My logs show Microsoft IPs #2 for bad traffic.

    Frankly, I don’t have much confidence in the Internet security community. There’s a suspicious lack of transparency and I see a lot of effort going into shutting down places like Cyberbunker, which my logs have no hits from whatsoever, while totally ignoring spam and malware coming from American corporate networks, which just happens to be the industry’s main source of income.

Comments are closed.