Alleged Spamhaus DDoS attacker Sven Kamphuis arrested in Spain
The man accused of 'slowing the Internet'
The 35 year-old Dutchman accused of masterminding the worryingly vast DDoS attack that nearly swamped anti-spam organisation Spamhaus and its partners last month has been arrested in Barcelona, reports have said.
Identified as ‘SK’ by Dutch police, a man assumed to be Sven Olaf Kamphuis was detained under a European arrest warrant after investigations by the Dutch National High Tech Crime Unit (NHTCU) in the city he lists as his location on Facebook.
Computers, hard drives and phones were removed from the suspect’s house as part of the investigation, Dutch police said.
Related Articles on Techworld
The suspect’s connection to the extraordinary attack that his Spamhaus on 27 March is unproven and Kamphuis later denied any involvement despite his alleged association with the small but vocal STOPhaus organisation.
Styling himself as an Internet freedom fighter and describing himself as the “minister of telecommunications and foreign affairs for the Republic of CyberBunker,” the latter being the Dutch hosting firm said to have been connected to the attacks.
Spamhaus reportedly attracted the ire of Kamphuis when they blacklisted both CyberBunker and a second firm run by him for their alleged involvement in spam earlier this year.
Spamhaus commented on the arrest using barely concealed relief.
“The Spamhaus Project offers congratulations and its sincere thanks to the Dutch Public Prosecution Service (OM), the Dutch National High Tech Crime Unit (NHTCU) of the Dutch Police Services Agency (KLPD), and any and all other entities involved in the recent arrest announced in regard to the Distributed Denial of Service (DDoS) attacks on Spamhaus in March 2013,” read an announcement.
“Spamhaus will resolutely continue its mission to provide reliable protection against cyber threats such as spam, malware and botnets and work with Internet service providers and organizations worldwide to create a safer internet,” Spamhaus said.
Estimated to have generated over 300Gbps in traffic using a well-documented but generally ignored DNS reflection weakness to swell its effect, the attack on Spamhaus led to hysterical and unsubstantiated headlines claiming that the Internet had slowed.
It hadn’t of course although many engineers were left worried by the attack’s knowing design and the possibility that a future attempt using the same approach could cause real problems.
EU security agency ENISA later released an analysis pointing out the potential for trouble should any attacker use the technique on a larger scale, demanding that service providers snap out of their apparent complacency.
Should Kamphuis eventually be charged and come to trial in The Netherlands, the details of the case will be closely watched as will the unusual event of an alleged spammer and self-declared Internet freedom campaigner being held accountable for their actions.
On Sunday, Spanish police released more detail of Kamphuis's time in Barcelona, including that he used a special van equipped with radios as a mobile office.