A German court has convicted eight people who were involved in operating a data center at a former NATO bunker.
Among the illegal services allegedly hosted at the German data center were Cannabis Road, Fraudsters, Flugsvamp, Flight Vamp 2.0, orangechemicals, and the world's second-largest narcotics marketplace, Wall Street Market.
A large-scale attack on Deutsche Telekom routers in November 2016 is also thought to have been controlled via servers hosted there.
The 'CyberBunker' facility in Traben-Trarbach, western Germany, was raided by more than 600 police officers in September 2019.
Built by the West German military in the 1970s, the site was used by the Bundeswehr’s meteorological division until 2012. A year later, it was sold to Herman-Johan Xennt, who told locals he would build a web-hosting business there.
Xennt had already operated a different CyberBunker out of a former NATO bunker in the Dutch town of Goes, which he bought in 1995 and is thought to have primarily hosted pornography there. The facility is thought to have been part-financed by George 'The Penguin' Mitchell, once one of Ireland's most successful drug importers.
The Dutchman rented out part of that facility to another user, and in 2002 there was an explosion, which burned Xennt's hands and face. The user had been making Ecstacy, and Xennt's business license was taken away - but he was not charged, as he said he thought he was subletting to a painting company.
After the explosion, the company moved to sites over ground. During this period, it briefly hosted groups like WikiLeaks and The Pirate Bay.
CyberBunker's history caught the attention of senior German prosecutor, Jörg Angerer, but it took more than a year for formal investigations to begin. By 2015, a German cybercrime unit was called in.
Later that year, the group tapped a cable going into the data center, copying data going in and out. On the unencrypted data, they were able to find illegal web pages involved in drugs, fraud, and other criminal activities.
As detailed by The New Yorker, the cybercrime unit bought thousands of dollars of Bitcoin and created a website that looked like a scammy lottery. They then sought to host it on the CyberBunker, to prove that the company actively helped clients it knew were committing crimes.
With this, and other information gathered during the investigation, police raided the facility. They knew that everybody at the bunker would be out for a celebration dinner as one of the employees had recently inherited.
At the data center, police seized 403 servers, 412 hard drives, 65 USBs, 61 laptops and computers, 57 phones, and about a hundred thousand euros in cash.
Following a trial that lasted more than a year, Xennt was sentenced to five years and nine months in prison. Seven other defendants were given sentences ranging from four years and three months in prison to a one-year suspended sentence.
They were convicted of forming and membership in a criminal organization, but were all acquitted of being accessories to around 250,000 crimes that were allegedly commited on sites hosted by the data center.
More in Security & Risk
Conference Session Fireside chat: Could Generative AI hack a data center?