Lorraine Williamson
A suspected hacker responsible for more than 40 cyberattacks on strategic public and private entities has been arrested in Calpe, Alicante, according to the Guardia Civil and Policía Nacional. The individual allegedly infiltrated the computer systems of organisations including the Guardia Civil, the Ministry of Defence, the National Mint, NATO databases, and even the US Army.
The arrest took place as part of Operation ‘Abbadon-Theatre,’ targeting crimes of unauthorised access to IT systems, data breaches, cyber damage, and money laundering. Authorities found multiple cryptocurrencies and IT equipment during a search of the suspect’s home. The materials are currently under forensic analysis, and further criminal activity has not been ruled out.
Dark web claims and use of multiple aliases
The hacker reportedly publicised his attacks on dark web forums under various pseudonyms to avoid detection. Authorities believe the individual frequently changed identities to remain anonymous while continuing attacks on both national and international institutions, including universities and government agencies.
Extensive cybercrime network and blockchain knowledge
In addition to the cyberattacks, the suspect managed over 50 cryptocurrency accounts, indicating a sophisticated understanding of blockchain technology. The Guardia Civil confirmed that the suspect used advanced techniques, such as anonymous messaging apps and encrypted browsing, to cover his tracks and hinder identification.
Key targets and attack timeline
The first known breach was reported in early 2024 when a Madrid-based business association discovered its website compromised, with stolen data posted online. The hacker left defaced portals with messages claiming responsibility.
Throughout 2024, cyberattacks were launched against significant institutions, including the National Mint, the Public Employment Service, and several Spanish universities. The most recent attack, in December 2024, targeted the Guardia Civil itself, leading to intensified investigations by the Central Operational Unit.
International collaboration in investigation
The operation was a joint effort between the Guardia Civil, Policía Nacional, and Spain’s National Cryptologic Centre (CCN), with support from the National Intelligence Centre (CNI). International collaboration included Europol and the US Homeland Security Investigations (HSI).
Legal proceedings underway
The detained individual has been presented before the Court of Instruction in Denia, facing multiple charges related to cybersecurity breaches and financial crimes.
Also read: British cyber scammer arrested in Palma de Mallorca for hacking 45 US companies