Amid a new coronavirus outbreak, extensive media coverage and multiple rumors has begun the most important cybercrime trial in German history, seeking to prosecute eight individuals of different nationalities, accused of thousands of cybercrimes.
The defendants, including four Dutchmen, three Germans and one Bulgarian, reportedly worked at Cyberbunker, a military base enabled as a data center in Traben-Trarbach, a town northeast of the city of Trier, Germany. The authorities contend that the defendants participated in nearly 250,000 illegal transactions on the dark web, including drug trafficking, murder for hire, money laundering and possession of child pornography.
A year ago the authorities managed to raid this bunker to shut down its operations, as well as arresting some of its members, including the alleged leader of the operation, identified only by his first name Johan. On the bunker, authorities report that the facility was built during the Cold War in order to house a NATO command center. After the end of the Cold War, the bunker was abandoned until local authorities sold it to Johan in 2013.
Before acquiring the bunker, Johan promised to create a hundred jobs for the local community, as well as committing to the creation of an IT training center. None of these promises were realized, however, rumors even began to appear about illegal practices related to Johan and the bunker. Eventually the authorities set up an operation to raid and bunker, revealing the questionable practices that took place at the facility.
Cybercriminal activity
Johan and the remaining seven defendants are singled out as responsible for operating a service known as bulletproof hosting, allowing their clients to perform all kinds of criminal activities on the dark web. While bulletproof hosting is not necessarily illegal, it is a fact that operators of illegal sites use these services.
Although Cyberbunker originally hosted websites not considered illegal, Johan’s ideas changed over time, even hosting child pornography sites.
German authorities confiscated everything they found in the bunker, including a hundred physical and virtual servers that are currently still being analyzed. Although the operators of these facilities have argued that they were completely unaware of what kind of activities their customers carried out, cybersecurity specialist Steven Murdoch argues that it is impossible for bulletproof hosting service providers to ignore this information: “Surely you will soon find the evidence necessary to link the bunker to multiple illegal online platforms”, he considered.
The case is far from closed, as the expert mentions that a fundamental issue has not yet been touched on: “Even if the prosecution concludes that Johan and his team were aware of the malicious activities of their clients, justice must still determine a supplier’s right or obligation to act in such cases.” A determining factor in reaching this point will be German information security legislation, regarded as one of the strictest in the world, which has delayed the general application of electronic means of payment and other common practices in other major cities.
Patrice-Christian-Roger Langer, mayor of Traben-Trarbach, believes this criminal case is an ideal opportunity to take some considerations about German data collection and privacy legislation: “As a local authority I must allow the police to review my internet search history and personal background each year; Do you really think it is possible that this man can execute an operation that facilitates the deployment of illegal activities arguing that laws prohibit him from requesting information from his clients?” The trial will last more than a year, as prosecutors must file each of the charges against the eight defendants.
While there is extensive evidence of the practices that were provided from the bunker, Murdoch believes that this does not ensure a favorable verdict for German justice. Still, the expert believes that not everything is said and done: “The authorities often reserve key evidence until the trial began, although it is difficult to know exactly what was going on in the bunker,” Murdoch concludes.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
