Showdown im Cyberbunker-Verfahren!

Showdown in cyber bunker trial

A turning point is imminent in the trial about the cyber bunker on the Moselle. The alleged manager wants to make a confession - at least partially.

When the eight defendants in the cyber bunker trial leave hearing room 70 of the Trier Regional Court again today, Thursday, July 15, 2021, the future prospects for some of them may have deteriorated significantly. After months of sometimes tough interrogations, a turning point is imminent in the trial on the 58th day of proceedings: Although there has been a lack of evidence so far for a conviction of the defendants on central points, the lawyer of cyberbunker manager Michiel R., Jens Schmidt, has announced a partial confession. It is planned to „read out a partially confessed admission,“ Schmidt confirmed at the request of Golem.de.
In the trial, the Trier Regional Court must clarify the question of what the operators of the cyber bunker in Traben-Trarbach knew about the machinations of their customers. In a so far unique trial, the provider, a so-called bulletproof hoster, is accused of having aided and abetted the crimes of darknet marketplaces such as Wall Street Market or Flugsvamp. But clear evidence of such active support is missing so far.

Does he jeopardize possible acquittals?
The lawyers of the other defendants were correspondingly annoyed a week ago during a break in the proceedings. Presiding Judge Guenther Koehler had already indicated that he would hardly be able to convict the defendants on the basis of the evidence and statements so far. A confession, whatever it may turn out to be, could therefore influence the verdicts. According to the lawyers, manager R., who gives the impression of a serious businessman in the dock, is cooking his own soup in the proceedings.
Unlike the other defendants, the alleged cyberbunker manager has already talked extensively in the trial. However, he has so far denied aiding and abetting as defined by the indictment.
Host providers do not have to actively check the content their customers store on their servers for legal violations. But they must react if they are made aware of illegal content or become aware of such content in some other way. The cyberbunker is alleged to have deliberately failed to do this. The defendants are therefore accused of aiding and abetting nearly 250,000 criminal acts and of forming a criminal organization.

Who held which function?
The court must also clarify the question of which of the defendants held which function in the cyberbunker and could have known about the illegal activities of the customers. This might primarily concern Cyberbunker founder Herman Johan Xennt as well as manager Michiel R., but also administrators Tom F. and Konstantin Z.

The role of Xennt’s sons Xyonn and Yennoah O. seems rather vague. The defendant Jaqueline B. was responsible for bookkeeping. A 21-year-old defendant, the only one not in pre-trial detention, played no role at all in last Thursday’s trial.
According to media reports, R. is at least willing to admit to the charge of a conditional intent in the formation of the criminal organization. This was said by his lawyer Jens Schmidt, according to SWR. However, the prosecutor general’s office did not want to enter into such a deal.

Just like earlier hearings, last week’s interrogation showed not so much how criminal, but rather how amateurish the defendants in Traben-Trarbach had been.
For example, the Belgian IT expert Kevin S. reported in detail how quickly and easily he could start as a trainee in the alleged high-security bunker. After a visit to the Moselle with a complete guided tour of the bunker and another weekend, the 28-year-old was allowed to move in on the premises - along with his Poweredge server, which he was able to set up in the bunker without any problems.
The bosses did not want to see any documents or even a certificate of good conduct. Instead, they required him to create an account at Protonmail. The bunker employees were to communicate only in encrypted form via this mail provider.

Drunk every night
In his testimony, Kevin S. drew a deliberately positive picture of the Cyberbunker. He said that the operators had inquired whether he had a family or pets that needed to be taken care of because of the internship. He does not want to have heard anything about any illegal activities or so-called abuse reports. Otherwise, he would have left the team immediately anyway, he said when asked by Köhler.
He took Xennt and the manager completely out of the line of fire. Xennt had been a quiet, jovial boss. He described the atmosphere as open, comfortable and sociable. The chef, he said, was drunk practically every night after a few beers, but a „nice drunk.“ Admin Tom F. is said to have been responsible for customer service. Konstantin Z. was more concerned with the hardware.

Meeting with Sven Kamphuis
But the statement of the intern is of limited value in two respects. For Kevin S. was only two to three weeks in the bunker, because he had started there only shortly before the raid of September 2019. Secondly, according to his own statements, he had frequent contact with Xennt’s former business partner, Dutchman Sven Olaf Kamphuis aka cb3rob, over the past year. According to Kamphuis, he was instrumental in setting up the infrastructure and developing a kind of search engine for the darknet (Onions.es and Cb3rob.org) for Xennt in 2015.

In this room of the Trier Regional Court, one of the defendants wants to make a partial confession In the trial, however, he plays no role and is not scheduled as a witness. According to Kevin S., however, he is already making plans on how to better secure the cyber bunker after the end of the trial and a possible return to Xennt.

The ex-trainee even had to tell the court the address where he had met Kamphuis in the Netherlands. When asked by Golem.de, the Koblenz Attorney General’s Office did not want to comment on whether this address had been checked and Kamphuis would be called as a witness.

Likewise, the intern confirmed that the operators had not taken the security of customer data particularly seriously. Hard disks from shut-down servers that were supposed to be destroyed were piled up in the bunker rooms. Even with the help of passwords, which the investigators found in an Excel spreadsheet, they were able to analyze the data after the raid.
However, not only the defendants, but also the investigators did not leave a particularly professional impression during the trial. Police Commissioner M. of the Rhineland-Palatinate State Criminal Police Office, for example, told the court that he had found numerous pay slips on one of the computers seized.

However, when asked by Judge Köhler who had been on the payroll at the cyber bunker, he had to pass. He had only looked at one of the documents and attached it as an example.

650 euros gross for hardware technician
At that point, Köhler almost burst his white judge’s collar. „Doesn’t anyone proofread that? Who is reading this at all?“ he asked indignantly in view of the incomplete and not very informative evaluation protocols.

The wage statement projected on the wall by the court concerned the Bulgarian Z., who had been placed at the cyber bunker via the employment office. According to it, Z. received 650 euros gross per month, and there was no vacation entitlement. „If you don’t have a vacation, you can’t take one,“ Judge Köhler remarked.

Investigators also found scanned documents on electricity bills, broadcasting fees and tax documents. This affected not only the cyber bunker, but also Calibur and Systems Research, companies founded by Xennt.

No incriminating mails found
Neither police inspector M. nor police chief inspector S., who had been questioned earlier, were able to contribute incriminating documents in the sense of the indictment, whereby the latter, with his checkered shirt and braid, made a nerdier impression than the entire cyberbunker team. Although some customer mails could be evaluated, these concerned usual support like the dispatch of root passwords and the accessibility of servers.
According to the report, the payments made by the customers were in the three- to four-digit range. Since the e-mails were signed with fantasy names such as Don West, Jordan Robson, Adam Morgan or David Williams, they cannot be directly assigned to any defendant.

However, on one of the PCs examined, child pornographic videos were found as well as deleted photos whose file names suggest pedocriminal content. Although this does not play a role in the current proceedings, it does not exactly make the defendant to whom the material is attributed more sympathetic, as one of the lawyers remarked. According to information from Attorney General Jörg Angerer, a new investigation has therefore been initiated against the defendant.
Quasi as „by-catch“ the investigators found cracked computer games. In this case, according to Angerer, it is still being examined whether this constitutes a copyright infringement.

In addition, the operators advertised that no sales tax would be due when paying with Bitcoin. This would constitute tax evasion if the operators could be proven to have done so. According to the documents, numerous Bitcoin wallets were found on the computers. Additional proceedings have also already been initiated in this case.

Trial could end in September
The two investigators admitted that they had never physically held the evaluated data carriers. According to them, other officers had read out the data and made it available via evaluation software. In the process, there were apparently also incorrect assignments of evidence object numbers.
The trial, which was originally scheduled to end in December 2021, could end as early as September, according to the Trierischer Volksfreund. The confession of Michiel R. could also contribute to this.
In the meantime, there was also talk that Xennt’s sons could make a confession. Whether this will actually be the case is unclear. „The influence of certain co-defendants is very great,“ the newspaper quoted one of the lawyers. This is certainly not likely to mean Michiel R.

Ein Vollzitat in dem Umfang von Golem. Wer zahlt die Abmahnung, sollte eine kommen?

Du kannst seinen Beitrag ja editieren und einfach auf den Post auf Golem.de verlinken :slight_smile: Hier der Link https://www.golem.de/news/teilgestaendnis-angekuendigt-showdown-im-cyberbunker-verfahren-2107-158144.html

Schon doof mit sowas zu werben.

Er hält sich dort doch sicher nicht mehr auf. Mein letzter Stand ist, dass sich der gute Sven irgendwo in Spanien aufhält. Aber bin da nicht wirklich auf dem Laufenden ^^

bindet PixelPing von Propublica mit ein; jedes Mal, wenn hier jemand die Story anklickt, kriegt Golem in dem Fall, auch einen Pageview: PixelPing

1 „Gefällt mir“

Ich wüsste jetzt nicht, dass bei Golem englische Artikel veröffentlicht werden? :thinking: :joy:

Ich habe noch nicht verstanden, welchen Vorteil PixelPing für den Verlag bzw. das Online-Portal hat. Kann Golem damit seine Seite monetarisieren? Oder geht’s nur um Analyse?

Reines Analyse Tool, um den Traffic des besuchten Artikels zu messen. Also quasi sowas wie Google-Analytica in ganz schmal.

Ach so, gut, dafür haben wir statt Google Analytics das datensparsame Matomo installiert, wo keine Daten an Dritte gehen.