-
A rogue hosting company, used solely for criminal activities, had its entire infrastructure seized by police.
-
The takedown involved about 250 physical servers, which also hosted thousands of virtual servers used for crimes like ransomware and phishing.
-
This provider advertised itself as “bulletproof,” promising criminals complete anonymity and no cooperation with law enforcement.
The steady rise in places where criminals host their shady websites has become a serious issue, keeping law enforcement authorities on their toes. However, recent reports show they have made significant progress in tackling the problem.
Dutch police just kicked down the door of criminals’ favorite digital hideout and seized thousands of servers in a massive operation. This wasn’t your typical web host – the company existed only to help crooks; a one-stop shop for all kinds of online crime.
A Rogue Hosting Haven
Imagine a landlord who only rents to criminals; that’s essentially what the hosting company was. It provided the digital space for all sorts of illegal activities.
The company boldly marketed itself as “bulletproof.” It promised users complete anonymity. Its ads suggested it would never work with law enforcement.
It’s basically been the go-to for online crooks since 2022. Research says it showed up in more than 80 cybercrime busts all over the place, not just in the Netherlands but pretty much everywhere. The platform it hosted ranged from malware command centers to the very marketplaces where criminals sell stolen access, similar to the recent cases of hackers selling access to thousands of Italian websites on the dark web. Clearly, the bad guys loved it.
The Massive Server Seizure
The police operation went down on November 12. Officers moved into data centers in The Hague and Zoetermeer. Their target was the physical heart of this criminal operation.
They seized approximately 250 physical servers. But the impact was much bigger. Each physical server housed many virtual servers.
Taking down the physical machines meant thousands of these virtual servers also went offline. This immediately disrupted a huge network of criminal sites and services.
Shutting down the hosting company puts a stop to their operations and hands investigators a goldmine of evidence to work with.
A Busy Week of Takedowns on Multiple Fronts
This raid on the bulletproof host wasn’t an isolated event. It was part of an incredibly active week for Dutch cybercrime fighters. Just a day before, they played a central role in an even larger international strike.
This global action was called Operation Endgame, which was coordinated from Europol’s headquarters in The Hague. For a complete breakdown of this massive international effort, see our in-depth coverage: Global ‘Operation Endgame’ Takedown Disrupts Major Cybercrime Networks. The big idea? Take apart these massive malware networks that had wormed their way into hundreds of thousands of computers.
Dutch authorities were crucial in this effort. They took down 83 infected servers located in the Netherlands. They also seized 20 criminal domains.
Operation Endgame wrecked over a thousand servers worldwide—seriously, that’s massive. Meanwhile, Greek police actually caught the mastermind behind VenomRAT, the malware that jacked into more than 100,000 crypto wallets.
What’s Next After the Massive Siezures?
Police say their first priority is simple. They want to stop the criminal activities these companies have enabled. This action prevents new victims in both the short and long term.
It also seriously disrupts the criminal process for many cybercriminals. But the work is far from over.
The amount of data seized from both operations is enormous. Analysts are now sifting through it all. Investigators are just beginning to uncover the information and evidence.
They expect that the evidence will lead to additional investigations and most likely additional arrests. For now, two major hubs for online crime have been decisively shut down. Dutch police have sent a clear message to cybercriminals everywhere.
