MaxiDed, dead: Law enforcement closes hosting service linked to criminal activity

The hosting provider was connected to everything from botnets to child pornography.
Written by Charlie Osborne, Contributing Writer

Law enforcement has closed MaxiDed, a bulletproof hosting provider linked to a vast array of criminal activities.

As reported by Bleeping Computer, ten servers belonging to the service have been seized.

The former dedicated servers provider was taken down by law enforcement agencies from both Thailand and the Netherlands.

According to the now-defunct website, law enforcement said a police investigation is underway which "focuses on the criminal activities of MaxiDed and the people behind MaxiDed."

"MaxiDed uses the Dutch (digital) infrastructure to provide services to criminals by renting out servers from which criminal activities can be deployed such as sending spam messages and causing DDoS attacks," the notice reads.

The bulletproof -- or perhaps, now not so bulletproof -- provider offered a range of different dedicated servers across over 30 hosting providers in 82 countries.

An archived version of the website claims that MaxiDed catered for over 300,000 customers and accepted different forms of payment, including Bitcoin (BTC) for monthly subscriptions.

Bulletproof hosting providers tend to ignore copyright infringement claims and law enforcement demands and operate under a "don't ask, don't tell" philosophy, and so have become a go-to service for criminal activities.

While some providers offer these services on the basis of customer privacy and hand over the responsibility for usage from provider to customers, this has paved a way for cybercriminals to operate illegal activities with dedicated services at the core.

Exploit kits, botnet command-and-control (C&C) servers for distributed denial-of-service (DDoS) attacks, stolen data storage, and black market services -- including gambling and child pornography -- can often be found on these kinds of servers.

MaxiDed has been linked to many such activities. PawnStorm has used the service for targeted phishing and mass spam campaigns, as well as hosting the banking Carbanak malware.

Clamping down on bulletproof hosting is difficult. As noted in Trend Micro research (.PDF) on the subject, law enforcement may act if the service or content is hosted in their country. However, providers will often select countries with lax laws on content -- and whether or not server providers are considered responsible for their customer's activities.

Local media reports suggest that a Moldovian national has been arrested close to Bangkok in relation to the seizure. An alleged MaxiDed administrator has also been arrested by Bulgarian police.

Law enforcement chose to act as Dominica-registered MaxiDed was allegedly providing hosting to a subscription-based child pornography content service, also owned by the alleged operator of MaxiDed, which was earning up to $123 million annually.

See also: Enterprise vulnerability management as effective as 'random chance'

Information gained from the servers has been shared with Europol.

MaxiDed is a decade old but its reputation has suffered in recent years. The Internet is now littered with scam claims and poor reviews, with many customers complaining of failed deployment, the payment of upfront costs and no service, and shady business practices.

Top tips to stay safe on public Wi-Fi networks

Previous and related coverage

Editorial standards