Spamhaus, Tax Evasion, Shell Companies, Extortion Strategies, Blackmail and Much Much More
Browsing lowendtalk I believe this might be a suitable place to post the following. A lot of network operators who are knowledgeable about the true nature of Spamhaus hang on this place.
I always heard bad things about Spamhaus especially at the RIPE meetings.
I understood what the Spamhaus really are after what happened last year when I was put in the middle of a mass censorship attempt where they demonstrated how they corrupt some ISPs, censor and extort the others.
Fighting obscurantism and protecting the Internet neutrality are extremely important to me. I hope that the following information provide enough clues of the deep seated corruption in the Spamhaus project and its founding members.
Note: Spamhaus does not want you to know this information.
Spamhaus recently posted a bunch of FUD to distract the attention from the new recently leaked information regarding their money laundering schemes. link
Spamhaus techniques consist of disrupting mail exchanges to push people toward massively centralized solutions that they have under control.
Spamhaus is also greatly responsible of the depletion of the IPv4 market when marketing companies (mostly American) purchase entire prefixes for huge
Anybody who dares to discuss the wrong doing of Spamhaus is immediately labeled a "spammer" and risks a rampaging vendetta from them against ones network and upstream providers.
The following quotes are from the Spamhaus pages where they intended to spread distortions of what some people tell about them.
Myth: "Spamhaus claims to be a non-profit to evade taxes"
Today business registers can be checked online it makes it harder for Spamhaus to hide their embezzlements.
"Spamhaus Technology Limited" is the earliest company registered in the name of Spamhaus in the U.K, you can check the history of directors on companycheck.co.uk.
Look at the previous Director and Secretary, they have served only for a day and for more than 24,000 other companies. The next day they are both replaced respectively by Stephen John Linford and Geraldine Myra Peters (Linford's girlfriend).
This is what we call the "sham directors".
The registration address, Communications House, 26 York Street, London, W1U6PZ, is the address of w1office a company specialized in virtual offices, fake presence and mail forwarding.
"The Spamhaus Project" is the second registration in the U.K, it is the one that is supposedly "non-profit". The first interesting point is that it was registered after the "Spamhaus Technology Limited".
Its business structure is similar to the first one, see companycheck. The company is registered at the same address (w1office, the virtual office
company) as the first company.
The sham directors COMPANY DIRECTORS LIMITED and TEMPLE SECRETARIES LIMITED have served more than 200,000 other companies...
You may also notice, "Stephen John Linford" changed to "Stephen Linford". The trick is used to mix up records, creating two entries in the database.
The most interesting part is the "Current directors and Secretaries" where it shows "SPAMHAUS LOGISTICS CORP.". This make a direct connection to a tax-haven country.
"The Spamhaus Logistic Corp" is the company said to be a "logistics and holdings company maintaining the Spamhaus DNS blacklist".
The first record shows evidences of a direct linking to an offshore tax-haven country (Mauritius) here. The address, 1001 Alexander House, 35 Ebene Cybercity, Mauritius points to Imara Investing a specialist in offshore incorporation and tax optimization...
It is not the only tax-haven where The Spamhaus Logistic Corp can be found:
Another registration in the Mauritius is viewable on the Mauritius official portal which Spamhaus is currently trying to get rid of.
"The Spamhaus Logistic Corp" is also incorporated in the Seychelles at 103 Sham Peng Tong Plaza, Victoria, Mahe, the address of Apollo Business Solutions (PTY) LTD, the company's business consist of tax optimization, Spamhaus claims The Spamhaus Logistic Corp to be a IBC (International Business Company) a a tax-free corporation type. Apollo tells how good it is as an alternative to the British Virgin Islands.
"The Spamhaus Whitelist Company" is a non-existent bogus company, the project's plan here is to become the regulator of e-mail exchanges, the central authority that allows you or not to use e-mail by providing white-lists. The worst possibly imaginable.
Spamhaus claims: "The Spamhaus Whitelist Company Ltd., is a privately held company based in St Helier, Jersey (Great Britain)". Once again, an island with a lot of tax advantages. We can figure out this address too, PO Box 532, Green Street, St Helier JE4 5UW. There is nothing like Spamhaus registered at this address, however we can find a now defunct company called "The Channel House Trustees", a company once again specialized in the provision of trustee and corporate services, tax optimization etc...
Are we done? Nope.
Remember "Spamhaus Technology Limited", the first one which Spamhaus say is to "provides commercial distribution services for the technologies developed by the Spamhaus Project, such as the Spamhaus Datafeed" and then "These are resource-intensive services for which there is high demand but which the Spamhaus Project, as a nonprofit organization focused on fighting spam, has no commercial interest in handling itself." Spamhaus insist very much on saying that it is a "non-profit" project. We've got the same gang, registering multiple companies in multiple tax-havens trying to convince us that they are totally dissociated organizations...
SpamTEQ (Spamhaus Technology Limited), seems to be used to launder money. They disperse/burst the funds through 3 companies that Spamhaus call "Authorized Datafeed Vendors", one for the big funds, "ras-asia" in Singapore the two others as decoys for pennies. You may visit the site (http://ras-asia.com) and compare it with spamhaus.com to find out how similar they can be, if you're into HTML and CSS you may also fingerprints the same author.
Ras-asia has changed address multiple times. You can see that with https://web.archive.org/. (we also keep our own archive ofc.)
20 Cecil Street #04-05 Equity Plaza, 20 Cecil St #15-08 Equity Plaza and 3 Phillip St #13-03 Royal Group Building.
The two first are the addresses of international capital raising ventures like http://www.ventures-international.net which of course are specialized in providing virtual offices, mail redirection etc.
The last one is "TrustSphere", an attempt from Spamhaus to legitimate the company by linking it to a local organization. You can see that it is recent by using the archives.
More shady and bogus addresses:
On this page, they pretend to be based in Geneva, they list an address while Spamhaus is operated by Linford from southern France and the Balearic Islands in Spain where he has purchased villas. The Swiss address points to a business center where a mail forwarding company resides that has Spamhaus as customer. This trick is very efficient against legal troubles. The
authorities of the U.K will tend to believe that the organization is in Switzerland. No company such as Spamhaus is registered in Geneva and this was confirmed by the local government. Several people have also been there to confirm the facts.
The building is called "Tour Balexert", it belongs to "Regus". As usual, virtual offices and mail handling services are available
From Spamhaus: Myth: "The Russian Government has declared that Spamhaus is
an illegal organization"
Never happened. Russian spammers love to spread this myth, especially in
responses to Russian ISPs who disconnect them. Occasionally a naive
Russian ISP believes the myth and quotes it back to us confirming that
stupidity is not limited to spammers. This myth relies on "I heard from
someone who heard from someone..." etc.
Spamhaus attempted to shutdown stophaus.com after it led a huge propaganda to get it shut down because some people where listing the very shady
Spamhaus operations. Spamhaus has been powerful enough to successfully got someone jailed and deported, he was later released and no charges where left against him (more about this later).
The truth is that the Russian government has not made Spamhaus illegal indeed but stated that an ISP cannot disconnect a customers when it is
harassed and extorted by Spamhaus. If a provider disconnects a customer because it is harrassed by Spamhaus, it could risk a license revocation.
This actually explains why stophaus.com is still online despite Spamhaus numerous attempts to extort the providers that have hosted it.
Myth: "Spamhaus wants to stop spamming so that they can control the 'spam
industry' for themselves"
This is one of the oldest myths, and almost too silly to try and comment
about. Spammers often just are not wired in a way where they can
understand that life is not all about greed and making money by annoying
others. They do not realize that there are many people on the internet
want to keep it usable for the world. Spamhaus tries to stop spam so that
email can remain the very powerful communication medium it has become.
In reality, Spamhaus tactics consist of pushing to centralization by making self mail hosting difficult. People will then switch to centralized Spamhaus' sponsors.
When America introduced the CAN-SPAM it allowed marketing companies to send Spam as long as they would allow the recipient to unsubscribe, Spamhaus could not fight against it and instead adapted its business.
In exchange of a paid subscription and activation of Spamhaus blocklists (aka giving coercive powers to Spamhaus) a network can be made free from Spamhaus' aggressive blacklisting.
ISPs which have an agreement with Spamhaus may then begin to lease prefixes to spammers or sponsor marketing services designed for spamming purposes such as, mandrill.com, serversmtp.com, turbo-smtp.info etc.
A very large amount of the marketing services are under the same company, one of them is Softlayer. It was discovered that Softlayer blocked on all ports traffic from prefixes listed by spamhaus. Yes, that makes Softlayer involved in Internet neutrality violations. Softlayer was asked to comment
and came out with a brilliant excuse:
When a Softlayer's customer figured out that he was unable to reach certain networks. The customer wrote a complaint. Softlayer attempted to demonstrate that the issue was not on their side, claiming to have no censorship or blocklists on its network until it was made an undeniable fact only then Softlayer admitted to be dropping traffic on Spamhaus' demands using their DROP list. Softlayer then presented claims of extensive damages that removing the DROP list would cause to their network as an excuse. Anybody that operates an ethical network here would find this ridiculous and absurd.
While your concerns about net neutrality are noted, please be advised that at this time, we are not able to remove the Spamhaus DROPlist from our network borders, as doing so has the potential to cause extensive damage to our network and infrastructure.
When we received the transcript, we queried Softlayer to comment the allegations. Softlayer never replied despite we ealier received replied when it was about a different subject.
It seems that the activation of Spamhaus' censorship on Softlayer's network has been done very secretly, we have a reliable source working at Softlayer who told us that he was absolutely not aware of the presence of Spamhaus blocklists on the network.
Myth: "Spamhaus gets information by hacking servers"
Spamhaus doesn't even test for open-email-relays, let alone any other form
of computer trespass. We do not do penetration testing, test for various
server vulnerabilities, or do any other sort of "hacking." We watch for
overt, publicly accessible indications of spam and spam support, all
things which can be publicly verified.
Spamhaus receives information from script-kiddies who use Spamhaus as a vendetta tool. However when Spamhaus extorts a provider it will eventually scan the provider's network to figure out where most mail servers hosts are. Spamhaus then add the prefixes to its blocklists to disrupt the provider and its clients and the extortion begin.
Myth: "Spamhaus blocklisted Wikileaks"
Never happened. This myth was circulated by a Russian malware hosting gang
known as "Heihachi" in 2010 and further propagated by a blocklisted Dutch
spam and malware host known as 'Cyberbunker/CB3ROB' who attempted to trick
members of the hacktivist group Anonymous into attacking Spamhaus on his
behalf. Quite the contrary, in December 2010 Spamhaus had contacted
Wikileaks to warn them that this gang was trying to trick Wikileaks
readers into visiting a fake 'Wikileaks' mirror in Russia on which the
gang was hosting trojan malware poised to infect anyone who visited. The
Spamhaus malware warning report concerning this is here.
Spamhaus was attacking a Russian hosting company that was known to be "bulletproof" and a free-speech haven.
WikiLeaks.info chose this company to host the site after they've got kicked off Amazon upon requested by the U.S. Spamhaus then made up a story to tell that the page was hosted by criminals who had implanted a malware in the page, the message was relayed by several sites until the administrators responded that what Spamhaus claims were false. And yes, it was just defamation.
"We find it very disturbing that Spamhaus labels a site as dangerous
without even checking if there is any malware on it. We monitor the
wikileaks.info site and we can guarantee that there is no malware on it,"
the WikiLeaks.info site said.
Myth: "Spamhaus are Criminals and Terrorists"
Spammers have for years claimed that Spamhaus is a criminal organization,
with claims ranging wildly from the CEO of Spamhaus being a "wanted
criminal on the run" to our staff being "convicted criminals" to our
organization being linked with Al-Queda or other such nonsense. Were any
Spamhaus staff, from our CEO and senior management to our cyber threat
researchers, to have any type of criminal record whatsoever, let alone be
"wanted" by any Government, Spamhaus would not be listed as a member of
International Law Enforcement work groups, including: LAP:
http://londonactionplan.org/members/ Nor would Spamhaus receive awards
from Cybercrime Law Enforcement such as from FBI NCFTA:
http://www.spamhaus.org/organization/ncftaaward/. Likewise, were we to
have any connection whatsoever to cybercrime or terrorism the FBI would
not publicly declare a partnership with Spamhaus such as at:
spammer rants seem to be in many cases a mirrored "projection" of the
spammer's own character and actions. Often, quite criminal.
Spamhaus brags about awards they've received from organizations which are know to be anti-Internet. However they've got none from organizations that are really campaigning for users' freedom on the Internet and there are very low chances that they ever get one. Please read what the EFF thinks about blacklists. You can also read John's Gilmore (co-founder of the EFF) about anti-spammers propaganda and extortion.
Spamhaus actively use their awards to convince people of their goodwill. The organizations which have awarded Spamhaus had no clue about what is behind Spamhaus' curtain. Knowing these information, even anti-Internet organizations should not be able to award Spamhaus anymore.
Spamhaus also try to convince people by twisting what their opponents (that they call "spammers") claim about them. This is part of their campaign of disinformation. For instance Spamhaus claims that "spammers" say that Spamhaus are "criminals and terrorists" while it's more adequately said that Spamhaus is a "multi million dollar bank rolls, spam, money laundering and corrupted organization which use extortion and other coercive methods which verge on terrorism".