A malicious hacker group thought to have been operating since at least 2013 may have suffered a major blow after Spanish police arrested a suspected key member over the weekend.
Spain’s national police arrested a Venezuelan man in Alicante on Thursday, believing he has links to the Kelvin security gang.
In an announcement posted on Telegram, Spanish police described Kelvin Security as one of the world’s most important malicious hacker groups, having launched more than 300 attacks in more than 90 countries over the past three years.
Victims of this cybercrime group include the city councils of Madrid, Seville, Badajoz and the local government of Castilla-La Mancha, where malicious hackers often exploit vulnerabilities to access login credentials and steal them. Confidential information is then sold through darknet criminals in forums.
Kelvin Security sometimes tries to sell itself as a penetration testing service, claiming (somewhat implausibly) that its purpose is to warn hacked companies of security issues with their networks, but then after the hacked companies ignore their progress. Selling stolen information.
It goes without saying that the desire to expose security vulnerabilities is no excuse for selling leaked sensitive data on the dark web, where cybercriminals and fraudsters can exploit it.
Vodafone Italy is said to be one of the past victims of the Kelvin security gang; last September, the group offered to sell 310 GB of data they claimed to have stolen from the telecoms group.
It is understood that in the middle of last month, an unnamed multinational energy company also became a victim of a cybercriminal group. The company’s server database was leaked, which contained detailed information of more than 85,000 customers.
An unnamed man arrested in Spain last week has been described by police as a central figure in Kelvin Security’s money-making business, responsible for laundering money through cryptocurrency exchanges.
A video released by Spanish police showed officers raiding the suspect’s home for evidence before detaining him.
Those arrested face charges related to criminal groups, organizational membership, money laundering and computer misuse.
More details of the investigation were shared in a police news release, in which they described last week’s arrest as the latest step in an investigation that began in December 2021.
Editor’s note: The opinions expressed in this guest author article are those of the contributor and do not necessarily reflect the views of Tripwire.