Date: 2023-12-10

The Spanish National Police have arrested in Alicante (in the east of the country) a Venezuelan citizen who led the financial apparatus of ‘Kelvin Security’, one of the most important hacker groups in the world, which has more than 300 high-level attacks behind it against strategic sectors in more than 90 countries over the last three years.

The main targets of the group, according to the National Police, are critical infrastructures and government institutions. In addition to Spain, its targets include countries such as the United States, Germany, Italy, Argentina, Chile and Japan.

The group is dedicated to exploiting vulnerabilities in strategic entities so that, once the intrusion has occurred, it can obtain access credentials and extract confidential information, which it subsequently sells through criminal forums on the ‘dark web’, a part of the Internet that allows users to hide their identity and location from other people and law enforcement agents.

The arrested person, a Venezuelan citizen, is charged with the crimes of belonging to a criminal organization, disclosure of secrets, computer damage and money laundering. He is considered the main person responsible for laundering the money obtained from the criminal activities of the hacktivist group, and operated mainly through the exchange of cryptocurrencies.

This Saturday morning he was brought before the head of the Court of Instruction number 7 of Alicante, who ordered his entry into prison.



The investigation began two years ago, when the agents became aware of sophisticated cyber attacks suffered by the computer systems of the City Councils of Getafe (Madrid) and Camas (Seville, southern Spain). Later, the City Council of La Haba (Badajoz, south) and the Government of the region of Castilla-La Mancha (center) were attacked as well.

Cyber investigation experts detected that the ‘Kelvin Security’ group claimed the computer attacks through clandestine cybercriminal forums accessed via the ‘dark web’, in which the exfiltrated confidential data was sold. That data was valuable to people linked to third countries who were present in these forums.



The agents verified that the group took advantage of vulnerabilities in web pages, software and information storage services of institutions and entities belonging to strategic sectors around the world to carry out a massive extraction of sensitive information from internal data, clients, workers and users.

The first records on the network of the ‘Kelvin Security’ group date back to 2013. It has profited from the sale of all the information it obtained illicitly. Its most recent attack, in mid-November 2023, was on the headquarters of an energy company, from which it managed to exfiltrate a database with confidential information on more than 85,000 clients of the multinational.

EFE

