InfoSecBulletin Cybersecurity for mankind
What just happened? Police in Spain have arrested a teenager named José Luis Huertas who they claim stole confidential data on more than half a million taxpayers from the national revenue service. The 19-year-old, who is known by multiple aliases including ‘Alcaseca,’ Mango,’ and ‘chimichurri,’ is also believed to be behind multiple other high-profile cyberattacks.
Policia Nacional said Huertas is one of the most dangerous hackers in the country, and is responsible for creating a search engine called ‘Udyat’ (‘The Eye of the Horus’) to facilitate the selling of stolen data. In an online interview, he also claimed to have access to the personal data of more than 90 percent of the Spanish population.
CVE-2025-1268
Patch urgently! Canon Fixes Critical Printer Driver Flaw
Within Minute, RamiGPT To Escalate Privilege Gaining Root Access
Australian fintech database exposed in 27000 records
Over 200 Million Info Leaked Online Allegedly Belonging to X
FBI investigating cyberattack at Oracle, Bloomberg News reports
OpenAI Offering $100K Bounties for Critical Vulns
Splunk Alert User RCE and Data Leak Vulns
CIRT alert Situational Awareness for Eid Holidays
Cyberattack on Malaysian airports: PM rejected $10 million ransom
Micropatches released for Windows zero-day leaking NTLM hashes
The leaked data reportedly includes account numbers, bank balances, and other private and confidential information of Spanish citizens. Authorities believe Huertas would have used the stolen data to create an online database and sold it to third parties for a profit. According to investigators, much of his illegal activity was monetized through cryptocurrencies.
Huertas is described as a ‘serious’ national security threat by the Spanish police due to the magnitude of his cyberattacks and the sensitivity of the data he stole. He is said to be an expert in crypto assets and hiding the money trail with complex digital maneuvers meant to throw investigators off his scent.
According to Bleeping Computer, Huertas is also accused of stealing €300,000 from Paolo Vasile, the CEO of Gestevisión Telecinco/Mediaset España. Other charges against him include attacking high-state institutions and money laundering.
His arrest was the result of an investigation that started in November 2022 after he allegedly hacked into the computer network of the General Council of the Judiciary and accessed sensitive data controlled by several public institutions, including the State Tax Administration Agency.
Huertas is said to have lived a life of luxury that the police say is not commensurate with his age, especially for someone without a steady source of income. He allegedly made expensive trips, wore luxury labels, frequented fashionable entertainment venues, and even drove a ‘high-speed vehicle.’
Following his arrest, police conducted a search of his home and other properties, seizing a large amount of cash, critical documents, and “computer media.” In addition, a motorcycle and a high-end car were also recovered.
The judge presiding over the case has ordered that Huertas remain in custody until his trial, as he is considered a high-risk suspect who could escape, destroy evidence, or continue to commit other similar crimes if let out on bail.
