InfoSecBulletin Cybersecurity for mankind
What just happened? Police in Spain have arrested a teenager named José Luis Huertas who they claim stole confidential data on more than half a million taxpayers from the national revenue service. The 19-year-old, who is known by multiple aliases including ‘Alcaseca,’ Mango,’ and ‘chimichurri,’ is also believed to be behind multiple other high-profile cyberattacks.
Policia Nacional said Huertas is one of the most dangerous hackers in the country, and is responsible for creating a search engine called ‘Udyat’ (‘The Eye of the Horus’) to facilitate the selling of stolen data. In an online interview, he also claimed to have access to the personal data of more than 90 percent of the Spanish population.
Fortinet + Crowdstrike team on protection from endpoint to firewall
Sophos to Acquire Secureworks in $859M
2nd time hacker breached Internet Archive
Vulnhuntr: A Tool for Finding Exploitable Vulnerabilities with LLMs
Critical Vulnerabilities in Bitdefender Total Security Expose Users to MITM
Microsoft’s Alarming Report: 600 Million Cyberattacks perday
CVE-2024-38814
VMware fixes high-severity SQL injection flaw in HCX
Over 90 Zero-Days, 40+ N-Days Exploited In The Wild
Oracle Security Update, 334 Vulnerabilities Patched
Chrome 130 Launches with Patches for 17 Security Vulnerabilities
The leaked data reportedly includes account numbers, bank balances, and other private and confidential information of Spanish citizens. Authorities believe Huertas would have used the stolen data to create an online database and sold it to third parties for a profit. According to investigators, much of his illegal activity was monetized through cryptocurrencies.
Huertas is described as a ‘serious’ national security threat by the Spanish police due to the magnitude of his cyberattacks and the sensitivity of the data he stole. He is said to be an expert in crypto assets and hiding the money trail with complex digital maneuvers meant to throw investigators off his scent.
According to Bleeping Computer, Huertas is also accused of stealing €300,000 from Paolo Vasile, the CEO of Gestevisión Telecinco/Mediaset España. Other charges against him include attacking high-state institutions and money laundering.
His arrest was the result of an investigation that started in November 2022 after he allegedly hacked into the computer network of the General Council of the Judiciary and accessed sensitive data controlled by several public institutions, including the State Tax Administration Agency.
Huertas is said to have lived a life of luxury that the police say is not commensurate with his age, especially for someone without a steady source of income. He allegedly made expensive trips, wore luxury labels, frequented fashionable entertainment venues, and even drove a ‘high-speed vehicle.’
Following his arrest, police conducted a search of his home and other properties, seizing a large amount of cash, critical documents, and “computer media.” In addition, a motorcycle and a high-end car were also recovered.
The judge presiding over the case has ordered that Huertas remain in custody until his trial, as he is considered a high-risk suspect who could escape, destroy evidence, or continue to commit other similar crimes if let out on bail.
