Police arrested 18-year-old suspect for DDoS attack on fintech startup Bunq

Police arrested 18-year-old suspect for DDoS attack on fintech startup Bunq

This article will take you 2 minute(s) to read

An 18-year old man suspected of mounting a DDoS (Distributed Denial of Service) attack on an online Dutch bank Bunq was arrested by the police’s Team High Tech Crime. Bunq is an online bank that lets customers open payment account in approximately five minutes and to make payments with a selfie and a fingerprint. The suspect is alleged to have attacked other organizations as well including Dutch tax authorities and Tweakers Internet site. Police are also investigating whether the suspect was a ‘lone cyber criminal’ or part of a cybercrime gang. 

Often, hackers mount DDoS attacks to distract the IT staff of an organization and plant other things like malware, ransomware, and to execute data theft. DDoS attacks have become so widespread that seasoned hackers also offer ‘DDoS attack-as-a-service’. This has also increased the financial and reputational impact for European businesses. Poland based Security Operations Center (SOC) of F5 Labs estimated that the past year saw 64% worldwide increase in DDoS attacks, 51% of it occurring in Europe, the Middle East, and Africa (EMEA) region.


Image Source: Cloudflare

How DDoS works?

In a typical DDoS attack, a large amount of data or traffic is sent to the target website thereby crashing its servers and ‘denying’ users the access to the website/services. In Bunq’s case, it was attacked in Sep 2017 and back then the DevOps team of the online-bank implemented late-night workarounds such as switching certain services to different data centers and applying various filters.

Victims help Police

The arrest of this suspect comes as a respite as he is thought to have inflicted same DDoS attacks on other organizations which include Dutch tax authority Belastingdienst and Tweakers Internet site. Those who participated in hunting down the suspect include The Team High Tech Crime (THTC) of the National Unit, security company Redsocks, and the affected parties (including Bunq, Tweakers, and others). Redsocks believes that the same person was involved in DDoS attacks on ING and ABN Amro as well.

Hacker image by Shutterstock


Leave a Reply