Iceland's Loophole: How Liberal Data Protection Laws Became a Tool for Cybercriminals

How a modest building in the center of Reykjavik became the focus of cyber threats.

The modern office building next to the harbor in Iceland's capital, Reykjavík, is better known as the home of the Icelandic Phallological Museum, which exhibits 320 specimens of mammalian penises.

However, for those who track cybercrimes, this building has also become a virtual offshore haven for the perpetrators of some of the world's most notorious offenses: identity theft, ransomware, misinformation, fraud, and other crimes.

The reason is that Withheld for Privacy is registered at the same address, Kalkofnsvegur 2. The company is part of a rapidly growing and largely unregulated industry in Iceland and other countries that allows internet domain operators to hide their identities.

While the practice has become commonplace for site owners seeking to protect themselves from harassment or spam, it also helps to hide from regulators, law enforcement, or victims.

Withheld for Privacy and other similar services have turned Iceland into a global hub of illegal activity disproportionate to the country's size. A company created in 2021 by Namecheap – one of the world's largest website providers – has actually hidden tens of thousands of dubious internet sites. Local authorities reported that they even tried to contact representatives of the company, but to no avail.

Researchers at Syracuse University, while studying deceptive political ads on Facebook and Instagram, accidentally stumbled upon this museum while trying to track down the owners of a site that spent $1.3 million on fraudulent ads targeting supporters of former U.S. President Donald Trump.

This scam tried to trick victims into providing credit card details and unknowingly signing up for expensive monthly payments, until Meta, the owner of Facebook, shut down the ads and blocked the domain this year.

The internet is full of similar sites that try to trick gullible users, and proxy services, when used incorrectly, make it even harder to find or identify criminals.

Because Withheld for Privacy uses the building's address as the default address for its customers, Kalkofnsvegur 2 has been linked to online forums that were used by a white supremacist group from the U.S., Patriot Front, to sell fake hormone drugs to trans women, as well as phishing sites that masqueraded as companies like Amazon, Coinbase, and Spotify to steal visitors' money and personal information, as well as influencer campaigns aimed at spreading false narratives among unsuspecting Americans.

Iceland attracts proxy services primarily because of its strict privacy laws, which officials say were designed to protect ordinary users from authoritarian governments rather than to harbor scammers and criminals.

A former member of Iceland's parliament, Mórður Ingólfsson, who was involved in drafting the country's first internet laws, explains: "We aimed to create what we called the Switzerland of the bytes". However, according to him, this work was abused.

Neither Withheld for Privacy nor Namecheap responded to multiple requests for comment. The head of supervision of the Icelandic Data Protection Authority, Valborg Steingrímsdóttir, said that the company's services are used only to hide the real owner.

Iceland's Data Protection Authority, along with the Public Prosecutor's Office and the Ministry of Telecommunications, is trying to pass a law that would effectively ban services such as Withheld for Privacy from operating in the country.

According to Reykjavík's tax filings, Withheld for Privacy is registered at Kalkofnsvegur 2, but there is no indication that it occupies premises in the six-story building. In the basement there is an Icelandic

The director of Withheld for Privacy, Sergio Raigosa Hernández, is a Mexican citizen, according to the Icelandic tax department, but it was not possible to contact him or anyone else using the contacts indicated on the company's website.

Almost immediately after the registration of Withheld for Privacy in 2021, global authorities began monitoring suspicious activity associated with this address. For example, the Texas Securities Board in the same year issued a cease-and-desist order against a site registered there that defrauded investors.

In addition, the CISA agency in the United States issued a warning about two ransomware-related sites located at the same address.
