In a significant breakthrough against the global threat of cybercrime, Spanish National Police dealt a decisive blow last Thursday with the arrest of the alleged leader of Kelvin Security’s financial apparatus. Kelvin Security, a notorious hacktivist group, has wreaked havoc with over 300 high-profile attacks in the last three years, targeting strategic sectors in more than 90 countries. Among its primary objectives were critical infrastructures and government entities, leaving a trail of compromised security in its wake.
The arrest, carried out in Alicante, Spain, marks a crucial step in the dismantling of Kelvin Security, which has operated since 2013, profiting from the illicit sale of sensitive information. The detained individual, a Venezuelan citizen, now faces a litany of charges, including belonging to a criminal organization, revealing secrets, computer damage, and money laundering.
The focus of the alleged leader’s role within Kelvin Security was exploiting vulnerabilities to extract sensitive information, which was subsequently sold on criminal forums on the Dark Web. The operation leading to the arrest was initiated in December 2021 after several Spanish town halls fell victim to cyber attacks. The General Information Commissioner (CGI), in collaboration with the Alicante Provincial Information Brigade and the Alicante Prosecutor’s Office, meticulously coordinated the operation.
Kelvin Security’s attacks in Spain targeted City Councils of Getafe, Camas, La Haba, and the Government of Castilla-La Mancha, revealing the group’s audacious reach. The modus operandi involved exploiting vulnerabilities in web pages and information storage services, enabling massive extractions of sensitive data.
This recent arrest is particularly noteworthy as it directly impacts the financial backbone of Kelvin Security. The Venezuelan suspect allegedly played a pivotal role in the group’s ability to profit from the sale of illicitly obtained information. With a focus on financial disruption, the arrest promises to significantly impede Kelvin Security’s operations and send a strong message to other hacktivist groups operating globally.
The global reach of Kelvin Security is evident in its attacks on countries such as the United States, Germany, Italy, Argentina, Chile, and Japan. In a chilling revelation, their most recent attack targeted an energy company, resulting in the exfiltration of data from over 85,000 customers.
As cyber investigators meticulously analyze numerous seized effects and technical supports from the detainee’s home, the arrest is expected to yield critical insights into Kelvin Security’s inner workings. The detainee, now in custody by order of Investigative Court number 7 of Alicante, will face justice for the extensive damage caused by the hacktivist group.
The arrest of Kelvin Security’s financial leader is undeniably a significant victory in the ongoing battle against cybercrime. It underscores the importance of international collaboration and the relentless pursuit of those who compromise the digital security of nations. As the investigation unfolds, the cybersecurity landscape eagerly awaits the potential revelations that could further expose the inner workings of this notorious hacktivist group. The takedown of Kelvin Security serves as a stark reminder that, in the age of digital interconnectedness, the fight against cyber threats is a global imperative that requires unwavering vigilance and collaboration.