Hacker Arrested for Stealing Users Personal Data from Spanish Banks

Spanish authorities have successfully apprehended a sophisticated cybercriminal operating from Girona province, who allegedly orchestrated multiple data breaches targeting financial institutions, educational organizations, and private companies. 

The arrest represents a significant victory in the ongoing fight against cybercrime in Spain, with investigators uncovering evidence of extensive data theft operations conducted through advanced social engineering techniques and SQL injection attacks.

Key Takeaways
1.  Hacker arrested in Girona for bank cyberattacks.
2. Stole personal data and sold it on the dark web.
3. Police seized digital devices and 30+ SIM cards.

Data Theft and Dark Web Sales

After a thorough digital forensics investigation that linked several cyberattacks to a single address in the Girona area, the Mossos d’Esquadra and the National Police together conducted an operation that resulted in the suspect’s arrest in Roses.  

The accused, described as having advanced computer programming skills and currently studying computer science, allegedly employed various attack vectors, including distributed denial-of-service (DDoS) attacks, phishing campaigns, and zero-day exploits, to penetrate secure networks.

During the raid, authorities seized critical evidence, including a laptop containing encrypted files, twelve mobile devices with multiple IMEI numbers, several high-capacity hard drives likely containing personally identifiable information (PII), over thirty SIM cards suggesting SIM swapping operations, and bank cards belonging to different individuals. 

The suspect’s modus operandi involved extracting personal databases containing employee and client information, along with confidential internal documents from targeted organizations. 

This stolen data was subsequently monetized through sales on Tor-based marketplaces within the dark web ecosystem, with some information allegedly distributed freely on underground forums to establish credibility within cybercriminal communities.

The arrested individual now faces charges under Article 197 of the Spanish Penal Code, specifically relating to the discovery and disclosure of secrets, which carries potential sentences of up to four years’ imprisonment for unauthorized access to personal data. 

Spanish cybercrime legislation, particularly the Law on money laundering prevention and the General Data Protection Regulation (GDPR) implementation, provides prosecutors with comprehensive legal frameworks to address such sophisticated data breaches.

Investigators continue analyzing seized digital evidence using advanced forensic imaging techniques and hash verification protocols to identify additional victims and potential accomplices. 

The ongoing investigation focuses on reconstructing the full scope of compromised systems, with particular attention to SQL database extractions and API vulnerabilities that may have been exploited. 

Authorities anticipate that additional charges related to financial fraud and identity theft may be filed as the digital forensics analysis progresses, potentially expanding the case to include violations of Spain’s Cybersecurity Law and international data protection agreements.

Integrate ANY.RUN TI Lookup with your SIEM or SOAR To Analyses Advanced Threats -> Try 50 Free Trial Searches