The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country’s government.
The duo has been described as a “serious threat to national security” and focused their attacks on high-ranking state officials as well as journalists. They leaked samples of the stolen data online to build notoriety and inflate the selling price.
“The investigation began when agents detected the leakage of personal data affecting high-level institutions of the State across various mass communication channels and social networks,” reads the police announcement.
“These sensitive data were directly linked to politicians, members of the central and regional governments, and media professionals.”
The first suspect is believed to have specialized in data exfiltration, while the second managed the financial part by selling access to databases and credentials, and holding the cryptocurrency wallet that received the funds.
The two were arrested yesterday at their homes. During the raids, the police confiscated a large number of electronic devices that may lead to more incriminating evidence, buyers, or co-conspirators.
In recent years, Spanish police has been successful in tracking and arresting several high-profile cybercriminals. This February, they arrested a hacker believed to have breached Guardia Civil, the Ministry of Defense, NATO, the U.S. Army, and various universities worldwide.
Last June, a young British linked to the notorious Scattered Spider hacking group and believed to have been involved in attacks on 45 U.S. companies, was arrested in Palma de Mallorca.
Earlier, in December 2023, the Spanish police arrested the alleged leaders of the ‘Kelvin Security’ hacking group, believed to be responsible for 300 cyberattacks against organizations in 90 countries over a period of three years.
While cloud attacks may be growing more sophisticated, attackers still succeed with surprisingly simple techniques.
Drawing from Wiz’s detections across thousands of organizations, this report reveals 8 key techniques used by cloud-fluent threat actors.