Monday, December 16, 2024
HomeCyber CrimeSpain Arrests 34 Cybercriminals Who Stole Data of 4 Million People

Spain Arrests 34 Cybercriminals Who Stole Data of 4 Million People

Published on

SIEM as a Service

Law enforcement officials have successfully apprehended a notorious criminal organization responsible for perpetrating computer scams and stealing sensitive data belonging to more than four million individuals.

Law enforcement officials arrested a criminal organization consisting of 34 cybercriminals. During the operation, authorities conducted 16 searches in various towns and seized several items, including two simulated firearms, a katana, a basketball, 80,000 euros in cash, four high-end vehicles, a database containing information on 4 million individuals, a computer, and electronic equipment worth thousands of euros.

Close to €3 million was illegally obtained by the group through various fraudulent means such as smishing, phishing, vishing, the son-in-distress scam, manipulation of technology company delivery notes, and pretending to be employees of an electricity supply company while engaging in vishing campaigns.

- Advertisement - SIEM as a Service

Spoofing Techniques

Smishing: Smishing is a text message tricking recipients into clicking a link or sending private information to an attacker.

Phishing: Phishing is a social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware.

Vishing: Vishing is a phone scam to steal confidential information from individuals or organizations.

Cryptocurrency assets were purchased by the leaders of the network using their profits. They also created fake documentation and used spoofing techniques to conceal their identities.

A specialized agent from the Central Cybercrime Unit conducted an investigation and discovered a criminal network that had unlawfully accessed the databases of several financial and credit institutions.

The network had deposited varying sums of money from the credit institution into their customers’ accounts.

Various banks’ identities were impersonated in vishing campaigns, while electricity supply companies’ identities were used in phishing campaigns, along with the ‘son in distress’ scam. The information was utilized for these purposes.

The organization’s fraudulent scheme consisted of rerouting the products obtained from suppliers towards the organization itself, effectively sidestepping the intended recipient company that had purchased the computer and electronic goods.

The main leaders of the network have been arrested, and over 1,000 complaints have been resolved, with the possibility of identifying more perpetrators and victims.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.

Latest articles

The Rise of AI-Generated Professional Headshots

It’s clear that a person’s reputation is increasingly influenced by their online presence, which...

Hackers Abuse Google Ads To Attacking Graphic Design Professionals

Researchers identified a threat actor leveraging Google Search ads to target graphic design professionals,...

Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls

Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in...

Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads

Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Hackers Abuse Google Ads To Attacking Graphic Design Professionals

Researchers identified a threat actor leveraging Google Search ads to target graphic design professionals,...

Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls

Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in...

Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads

Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used...