Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks

HomeCyber Attack News Authorities Seized 800 Servers of Hosting Company Used to Launch Cyberattacks By Abinaya May 25, 2026 Dutch authorities have seized more than 800 servers and arrested two individuals as part of a major investigation into a hosting infrastructure allegedly used to support cyberattacks, disinformation campaigns, and sanctions evasion linked to Russia. The Fiscal Information and Investigation Service (FIOD) confirmed that arrests were carried out on May 18, 2026, targeting a 57-year-old man from Amsterdam and a 39-year-old man from The Hague. Both suspects are accused of violating the EU Sanctions Act by indirectly providing economic resources and services to entities sanctioned by the European Union. Authorities Seize Attack Servers The investigation centers on a web hosting company established on February 10, 2022, just weeks before Russia invaded Ukraine. According to investigators, the company’s infrastructure was later leveraged to facilitate destabilizing activities targeting the European Union. These activities reportedly included: Launching cyberattacks against European systems. Conducting interference operations. Disseminating disinformation campaigns. Supporting broader information manipulation efforts. Authorities believe the infrastructure played a role in undermining democratic processes and disrupting public and economic systems across EU member states. The hosting provider was officially placed on the EU sanctions list on May 20, 2025. However, investigators discovered that a significant portion of its infrastructure was transferred to a newly established Dutch company around the same time. FIOD findings indicate that this new entity acted as a front organization to circumvent sanctions. The 57-year-old suspect is identified as the company’s director and indirect sole shareholder. A second Dutch company, operated by the 39-year-old suspect, allegedly played a supporting role by providing internet connectivity to the infrastructure, effectively enabling continued operations despite sanctions. Authorities conducted coordinated searches across multiple locations, including: Three business premises in Enschede and Almere. Two data centers are located in Dronten and Schiphol-Rijk. During these operations, law enforcement seized: Over 800 servers. Administrative records. Laptops and mobile devices. The scale of the seizure underscores the extensive infrastructure required for the operation. It suggests a significant capacity for cyber-enabled activities. Ongoing Investigation The Functional Prosecution Service is leading the case under the Dutch Public Prosecution Service. Violations of EU sanctions fall under both the Sanctions Act and the Economic Offenses Act, making such activities criminally punishable. Since the start of the Russia-Ukraine conflict, the EU has expanded sanctions targeting Russia and Belarus, including restrictions on financial transactions and the provision of technical services. Authorities emphasize that attempts to circumvent these measures, including through proxy companies or infrastructure transfers, are actively investigated. The FIOD continues to track individuals and organizations attempting to evade sanctions while enabling cyber operations. The investigation remains ongoing, and further arrests or asset seizures may follow as authorities analyze the confiscated infrastructure and data. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News How to Close the Most Expensive Gap in Your SOC  Hackers Use NF-e Invoice Lures to Deliver Banana RAT Through Malicious Batch Files PyrsistenceSniper – Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS Android Malware Silently Subscribes Victims to Premium Services Without Consent Linus Torvalds Says AI Bug Reports Have Made Linux Security Mailing List Unmanageable Latest News Cyber Security News CISA Warns of Drupal Core SQL Injection Vulnerability Exploited in Attacks Cyber Security News GitHub Adds Staged Publishing to npm to Block Automated Supply Chain Attacks Cyber Security News Hackers Use Browser-Locking CypherLoc Kit to Push Fake Microsoft Support Calls Cyber Security Pentest Agent Suite – Bug Bounty Framework for Claude Code and 6 AI Coding Tools Cyber Security Wireshark 4.6.6 Released With Fix for Dissector Crash via Malformed Packet Injection