Agents from the Guardia Civil and the Mossos d’Esquadra have arrested a hacker specialising in cyberattacks in Madrid. One of these cyberattacks targeted an electricity distribution company, from which he stole the data of 37,000 customers.
The intrusion into the power company’s servers, which occurred in 2022, was carried out by usurping authorised credentials and escalating privileges. The hacker, using infrastructure located in several countries, managed to capture sensitive information belonging to both the company and its clients and users.
The detainee transferred the information to third parties in exchange for payment in cryptocurrency. Cryptocurrencies form a decentralised and pseudo-anonymous digital currency system that allows financial transactions between distant and unknown people. Exchange houses allow cryptocurrencies to be converted to fiat money and vice versa.
The company’s IT technicians were able to identify the IP addresses from which the attack came. They also determined the number of people affected, the type of data exfiltrated and the impact on their service.
The company reported the incident, contacted the affected users and reported the attack to the Catalan Data Protection Authority. After conducting various investigations with the different services that the hacker used during the attack and thanks to international collaboration, the investigators were able to identify the alleged perpetrator through the traceability of the cryptocurrencies.
Once identified, a joint investigation team was established, as both bodies were investigating the same person. In a joint operation by the UCO Cybercrime Department of the Guardia Civil and the Central Cybercrime Area of the DIC of the Mossos d’Esquadra, the arrest was made and two searches were carried out in which evidence of interest to the investigation was collected.