What Happened to lina?
A security researcher known by the alias 'lina' inadvertently caused the shutdown of a Dutch law enforcement honeypot, 'Cyberzap.fun,' on April 29, 2026. The incident occurred while lina was investigating 'Operation PowerOFF,' a Dutch police initiative targeting cybercriminals, leading the authorities to panic and pull the plug on their covert operation.
Quick Answer
On April 29, 2026, a security researcher operating under the alias 'lina' discovered and subsequently caused the shutdown of a Dutch police honeypot named 'Cyberzap.fun.' While conducting research into 'Operation PowerOFF,' a law enforcement initiative, lina registered on the site with a clearly identifiable research email and began probing its functionalities. This activity prompted the Dutch authorities to abruptly take down not only 'Cyberzap.fun' but also a related domain, 'bytecannon.net,' effectively shutting down their honeypot operation.
📊Key Facts
📅Complete Timeline6 events
Cyberzap.fun Site Captured (Empty)
The domain 'Cyberzap.fun', later used as a honeypot, was captured in July 2025, but was empty at that time, indicating it was not yet operational.
lina Discovers Cyberzap.fun
Security researcher lina discovers 'Cyberzap.fun', a website designed to mimic a 'booter' service, as part of an investigation into 'Operation PowerOFF' by the Dutch police.
lina Registers with Research Email
lina registers an account on Cyberzap.fun using a distinct email address, 'conducting-research-hello-operation-poweroff@lina.sh', clearly indicating their research intent to the operators.
lina Probes Honeypot Functionality
After registering, lina explores the Cyberzap.fun dashboard and attempts to 'order an attack' on a humorous target, probing the honeypot's features.
Dutch Police Shut Down Honeypot
In response to lina's activity, the Dutch police abruptly shut down Cyberzap.fun and a related, unused domain, bytecannon.net, indicating they detected the researcher's presence and panicked.
lina Publishes Blog Post
lina publishes a blog post titled 'I accidentally made law enforcement shut down their fake honeypot,' detailing the discovery and subsequent shutdown of the Dutch police operation.
🔍Deep Dive Analysis
The incident involving the accidental shutdown of a law enforcement honeypot by the security researcher known as 'lina' unfolded on April 29, 2026. lina, who also uses the handle 'fishgoesblub' on platforms like Hacker News, was actively investigating 'Operation PowerOFF,' a Dutch police initiative aimed at deterring and apprehending cybercriminals, particularly those involved in 'booter' or 'stresser' services.
lina stumbled upon 'Cyberzap.fun,' a website that, despite some imperfections, convincingly mimicked thousands of legitimate booter sites, complete with SEO-friendly meta tags, sitemaps, and robots.txt files. A significant giveaway, however, was the use of 'bit.nl' as the mail server host, a known preference for the Dutch police. Intrigued, lina decided to register on the site, using a distinct email address: 'conducting-research-hello-operation-poweroff@lina.sh,' explicitly signaling their intent as a researcher rather than a malicious actor.
After successfully registering and receiving a legitimate activation email, lina explored the 'Cyberzap' dashboard, which featured fake network speed graphs and bot counters. To test the system, lina attempted to 'order an attack,' humorously targeting 'Benjamin Netanyahu's' domain. This probing, combined with the identifiable research email, seemingly triggered an alarm within the law enforcement operation.
In what lina described as a 'panic,' the Dutch police swiftly pulled the plug on 'Cyberzap.fun' and a related, unused domain, 'bytecannon.net.' The sites became inaccessible, displaying a '401 Unauthorized' prompt. This abrupt shutdown indicated that the authorities had detected lina's investigation and opted to dismantle their honeypot rather than risk further exposure or compromise. The 'netcrashers.net' site, another police-run scare tactic, remained online, as it was intended to be publicly associated with law enforcement.
The consequences of lina's actions were immediate for the Dutch police, resulting in the premature termination of at least part of their 'Operation PowerOFF' honeypot infrastructure. For lina, the outcome was a detailed blog post documenting the entire process and the humorous realization of having inadvertently caused a law enforcement operation to cease. The incident highlights the challenges law enforcement faces in maintaining covert online operations when confronted by skilled and curious security researchers. As of April 30, 2026, lina continues to share insights on cybersecurity, and no legal repercussions for the accidental shutdown have been reported.
What If...?
Explore alternate histories. What if lina made different choices?