Spamhaus DDoS suspect to be extradited soon

A man accused of carrying out a massive denial of service attack is to be extradited from Spain.
Written by Michiel van Blommestein, Contributor on
Spanish police making the arrest. Image: La Policía Nacional

A Dutchman suspected of carrying out what's been described as the biggest DDoS ever could be extradited from Spain within a matter of days.

A Spanish court official told AP on Monday that the individual known as SK, accused of masterminding the recent attack on antispam group Spamhaus, will be handed over to the Netherlands within 10 days.

According to Spanish and Dutch authorities, the arrest of SK last Thursday in the Spanish town of Grannolers, 35km north of Barcelona, was the culmination of an international effort to find the culprits behind a distributed denial-of-service attack on Spamhaus which the attackers dubbed 'Operation Stophaus'.

Spamhaus blacklists and blocks IP ranges which it detects to be sending spam. ISPs that don't cooperate with Spamhaus run the risk of being blacklisted themselves, earning Spamhaus the ire of some service providers.

The attack used a technique called DNS amplification or DNS reflection to target up to 90Gbps of traffic at Spamhaus' email and web servers and up to 300Gpbs at a bandwidth provider used by Cloudflare, which Spamhaus was using to deflect the attack. Spamhaus was initially offline for five days as a result of the DDoS, while internet exchanges in London and Amsterdam were also affected.

According to Dutch authorities, SK worked from both a 'hacking bunker' in Spain as well as a van equipped with networking gear. The bunker was used as SK's centre of communications, the Spanish police said, from where he would conduct media interviews.

Editorial standards