34 arrested after their involvement in a cybercrime network

The Spanish authorities have apprehended 34 individuals involved in a cybercrime network responsible for stealing the personal information of 4 million individuals.

Based on reports, the Spanish National Police successfully dismantled the cybercrime network allegedly involved in various online scams aimed at extracting and profiting from the data of over four million people.

Spain executed 16 targeted searches across several cities, including Madrid, Malaga, Huelva, Alicante, and Murcia, culminating in the arrest of 34 criminal group members. Moreover, the police raids seized firearms, handheld weapons, four luxury cars, 80,000 euros in cash, and computer systems containing a database containing information on four million individuals.

The arrested individuals are also suspects in various cybercriminal operations, such as email and SMS phishing schemes, where they pose as delivery companies and electricity providers.

 

The cybercrime network has used various tactics to deceive their targets.

 

The 34 people involved in the cybercrime network have resorted to deceptive tactics, such as making fake distress calls to parents, convincing them that their child was in a dangerous situation or stranded in an unfamiliar location.

Furthermore, they took advantage of an insider’s position within an international technology company to redirect merchandise to attacker-controlled addresses. It is worth noting that this threat group did not use a fixed modus operandi and had a variety of fraudulent methods.

One of the most common schemes this group employed was a false loan scam. Numerous victims have complained about this scheme and reported a consistent pattern of deceit. The scammers managed to infiltrate the databases of various financial and credit institutions, extracting customer data, and manipulating access to credit funds in customer accounts.

Subsequently, they contacted the affected clients, informing them of an illegal loan deposit due to a computer glitch. This technique allowed them to fool the victims into repaying the fictitious loans by following specific instructions.

To execute this deception, the threat actors redirected their victims to phishing websites that impersonated their respective banks and gathered sensitive personal information. This criminal network’s primary profit source was selling the stolen data to other cybercriminals, with an estimated revenue of about $3.2 million.

High-ranking threat group members transferred the payments into cryptocurrency investment platforms, making the money tracing challenging for investigators.

Authorities have apprehended the leaders of this cybercrime ring. However, these law enforcement agencies still have ongoing investigations to identify additional people and victims in the coming weeks.