A collaborative operation by the National Police and Civil Guard has led to the arrest of a suspected hacker in Calpe, Alicante. The individual, known online as Natohub, is believed to have executed over 40 cyberattacks on both domestic and international entities, compromising sensitive data and documents.

Targeted Entities

In Spain, the cyberattacks affected several government bodies, including the Civil Guard, Ministries of Defence and Education, and the National Currency and Timbre Factory. Additionally, multiple universities and the Generalitat Valenciana were also compromised.

On the international front, databases of NATO, the US Army, the United Nations, and the International Civil Aviation Organization (ICAO) were reportedly breached. ICAO confirmed the breach last month after data was leaked on BreachForums by an account named Natohub, which claimed possession of personal data of 14,000 UN delegates.

Investigation and Arrest

The arrest followed an extensive investigation by Spanish authorities into unauthorized access, data disclosure, and money laundering. The probe began in February 2024 after a Madrid business association reported their data being leaked online. This led to the discovery of a series of cyberattacks throughout 2024, culminating in the suspect's arrest in December.

The hacker allegedly accessed databases containing personal and internal documents, which were either sold or publicly shared on forums. The suspect utilized anonymous messaging and navigation tools to evade detection, creating a complex network that challenged investigators.

Authorities confiscated computer equipment, an iPhone, and approximately 50 cryptocurrency accounts from the suspect's residence. The suspect, reportedly 18 years old, was released after a court appearance with the condition of passport confiscation.

International Collaboration

The operation received support from the National Cryptological Centre (CCN), EUROPOL, and US Homeland Security Investigations (HSI). This arrest is part of a broader initiative by Spanish law enforcement to combat cybercrime, working alongside international agencies to dismantle cybercriminal networks.

Learn more about zero-day vulnerabilities and cybercrime prevention in our detailed Research section.

The link has been copied!