Hosting Firm Cyberattacks Investigation Leads to Server Seizure

Dutch authorities seized 800 servers during a large cybercrime investigation targeting a hosting provider accused of enabling cyberattacks and disinformation operations. Investigators also arrested two suspects connected to infrastructure allegedly tied to sanctioned Russian entities.

The case highlights growing concerns around so-called “bulletproof” hosting providers that allow cybercriminal operations to remain online despite repeated abuse complaints and international sanctions.

Dutch Authorities Seized Hundreds of Servers

The Dutch Fiscal Information and Investigation Service carried out coordinated raids across several locations, including data centers and business facilities.

Investigators confiscated:

• 800 servers
• Mobile devices
• Laptops
• Administrative records
• Networking equipment

Authorities also arrested two men suspected of helping sanctioned organizations continue operating hosting infrastructure inside Europe.

Researchers said the investigation focuses on infrastructure linked to companies accused of supporting cybercrime operations and online influence campaigns.

Hosting Firm Cyberattacks Linked to Sanctioned Infrastructure

Investigators connected the seized infrastructure to hosting operations allegedly associated with sanctioned Russian and Belarusian entities.

According to researchers, the infrastructure later operated through a Dutch company that authorities suspect functioned as a front organization. Prosecutors believe the network provided services that enabled cyberattacks, disinformation campaigns, and distributed denial-of-service operations.

Security researchers also linked parts of the infrastructure to activity associated with pro-Russian hacktivist operations targeting European organizations.

Authorities warned that cybercriminal groups frequently move infrastructure between companies and jurisdictions to avoid enforcement actions and sanctions.

Researchers Warn About “Bulletproof” Hosting Providers

Cybersecurity experts have repeatedly warned about hosting providers that knowingly tolerate malicious activity. These services often support phishing campaigns, malware distribution, botnet operations, and fraud infrastructure.

Researchers explained that attackers rely heavily on resilient hosting environments because stable infrastructure allows operations to continue longer without disruption.

Experts also warned that some providers deliberately ignore abuse reports or hide ownership structures to complicate investigations.

The Netherlands remains one of Europe’s largest hosting hubs, which makes the region attractive to both legitimate technology companies and cybercriminal operations.

Investigation Into Hosting Firm Cyberattacks Continues

Authorities confirmed that forensic analysis of the seized systems remains ongoing. Investigators expect the confiscated infrastructure to contain evidence connected to cyberattacks, sanctions evasion, and online influence operations.

Researchers believe additional infrastructure or affiliated operators may still remain active outside the Netherlands.

Law enforcement agencies across Europe continue increasing pressure on hosting companies suspected of enabling cybercrime activity or supporting sanctioned entities.

Conclusion

The hosting firm cyberattacks investigation resulted in one of the largest recent server seizures tied to alleged cybercrime infrastructure in Europe. Dutch authorities confiscated 800 servers and arrested multiple suspects linked to hosting operations accused of enabling malicious activity.

Investigators continue analyzing the seized systems as European authorities expand efforts against providers connected to cyberattacks and disinformation campaigns.