Dutch police have seized ten servers belonging to a bulletproof hosting provider known for harboring child pornography sites and command and control servers for DDoS botnets, cyber-espionage, malvertising, spam, and malware operations.
The name of the hosting provider is MaxiDed, a service that has operated since late 2008, but which became increasingly more aggressive with its marketing in the last two years when its ads became a common occurrence on cybercrime forums.
According to an archived version of the site, the company offered dedicated servers, VPS, VPN, and server colocation services, claiming to host nearly 2,500 servers across 30 hosting providers in 82 countries.
MaxiDed advertised itself as a bulletproof hosting provider, a term used to describe hosting companies that ignore reports of criminal activity or copyright infringement happening on their servers.
Such services have been widely available in recent years, and authorities have rarely intervened, mainly because the hosting providers shield themselves from any responsibility behind bulky and wide-ranging terms of service.
Across the years, MaxiDed established itself as a go-to solution for many cybercrime groups like Carbanak, many nation-state cyber-espionage operations, according, but also hosted command and control servers for Mirai DDoS botnets, the AdGholas malvertising campaign, and many credit card fraud operations, according to Trend Micro and SpoofIt reports.
Furthermore, in a press release today, Dutch Police said MaxiDed was also providing hosting service to a file-sharing site named DepFile that was being used for sharing child pornography content.
Police said its investigation revealed that MaxiDed employees were aware that their servers were used to share child pornography and host malware, but did nothing about it.
Dutch authorities seized ten MaxiDed servers located in the Netherlands, while Thai police arrested a 29-year-old at a holiday resort in the province of Chumphon, south of Bangkok.
Investigators said the 29-year-old man, a Moldavian national, was the owner of not only MaxiDed but also the file-sharing service through which child pornography content was being shared.
Bulgarian police arrested a second man, a 37-year-old Moldavian national, suspected of being one of the MaxiDed administrators.
Since earlier today, the MaxiDed website now redirects to a now-classic Dutch police takedown page that reads: "The police investigation focuses on the criminal activities of MaxiDed and the people behind MaxiDed. MaxiDed uses the Dutch (digital) infrastructure to provide services to criminals by renting out servers from which criminal activities can be deployed such as sending spam messages and causing DDOS attacks."
Dutch officials said they've shared the data seized from the ten MaxiDed servers with Europol, which will distribute to law enforcement agencies in other countries for further investigations.
Andrei Barysevich, Director of Advanced Collection at Recorded Future, claims MaxiDed's reputation suffered in recent years.
"They did not have a stellar reputation," he said,"[they were] known for leaking private information in case of disputes."
Many websites with hosting provider reviews gave the service low ratings and described it as a scam, one of the reasons why the service recently switched its main domain from maxided.com to maxided.net.