Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster

The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform.

Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations.

Specifically, the operators of Zservers were accused of facilitating LockBit ransomware attacks and supporting the cybercriminals efforts to launder illegally obtained money.

The hosting provider, operated by Russian nationals Alexander Igorevich Mishin and Aleksandr Sergeyevich Bolshakov, was also used to suppert botnet operations and to distribute malware.

Politie says that the Zservers service was knowingly backing these malicious activities and even advertised its lax policies to potential customers, making it clear that its infrastructure tolerated criminal acts.

"A bulletproof hoster is not just any shadowy company that ignores rules – it is the backbone of global cybercrime," states the Dutch police in today's announcement.

"Without these 'safe havens',many criminals would have nowhere to host their hacking tools, stolen data and fake websites."

Politie says that one of the seized servers hosted hack tools from Lockbit and also Conti ransomware, two of the most prolific and damaging ransomware-as-a-service operations.

The servers were located in the Paul van Vlissingenstraat colocation data centre in Amsterdam and cybercriminals could purchase services anonymously, by paying with cryptocurrency. At the moment, any websites hosted on the servers are no longer accessible.

All 127 seized servers will be investigated by specialists of the Cybercrime Team in Amsterdam, which may lead to more incriminating evidence and data that could point to other cybercriminal operations and the individuals running them.

However, this time, the action was limited to seizing computing equipment, and no arrests were made.

Mishin and Bolshakov, the administrators of Zservers, were sanctioned with asset freezes and travel banks but remain free, as no criminal charges have been announced against them yet.