8 cyber criminals jailed for running CyberBunker, famous bullet proof hosting service

German authorities announced the prison sentence against eight individuals accused of the operation and development of CyberBunker, a popular bulletproof hosting service among the cybercriminal community. In court documents, it is detailed how this platform facilitated drug trafficking, sale of stolen information and distribution of child pornography.

While the defendants were found guilty of operating this illegal platform on the dark web, under the new legal bases on cybercrime the authorities could not prove that the defendants had helped any of the criminal sites hosted on CyberBunker.

The defendants reportedly operated the bulletproof hosting service from a former NATO bunker, located in a small German town. For approximately six years, the defendants managed this platform, providing their services to all kinds of cybercriminal groups very interested in going unnoticed.

All the defendants learned of their sentences on December 13, after more than a year of hearings. The individual accused of being the main operator of the attack is a 62-year-old Dutch citizen, who bought the bunker from where the group operated and received a sentence of almost 6 years in prison.

Of the rest of the defendants, six received sentences of between 2 and 4 years in prison, while the remaining individual will only spend one year on probation.

The defendants were arrested in September 2019, as a result of investigations by the State Central Office for Cybercrime (LZC) of the Koblenz General Prosecutor’s Office and the Criminal Police Office of the State of Rhineland-Palatinate, after an investigation of almost 5 years.

Among CyberBunker’s main clients were illegal platforms such as Cannabis Road, Wall Street Market and Flugsvamp, which equates to some 250,000 illegal transactions through the dark web that would not have been possible without CyberBunker’s help.

Although with marked differences, this is a case similar to that of Freedom Hosting, in which in addition to operating a bulletproof hosting platform, the defendants were found guilty of facilitating access to and distribution of child pornography, which led to the imposition of a harsher sentence. 

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.