Spanish police have arrested an 18-year-old hacker known as NATOHUB, who has claimed responsibility for a series of cyber attacks on state institutions in the United States and Spain. The hacker is accused of carrying out at least 40 cyber attacks in 2024, targeting organizations such as the Ministry of Defense of Spain, NATO, and even the US Army.
The arrest took place in Calpe, Alicante, where the hacker resided. He has been charged with unauthorized access to computer systems, disclosure of confidential data, damage to information systems, and money laundering.
During a search of the hacker’s home, authorities seized computers and more than 50 cryptocurrency wallets with various digital assets. Despite using anonymous messengers and encrypted channels, the authorities were able to track him down. The hacker has been released on bail but has had his passport confiscated to prevent him from leaving the country.
NATOHUB managed to breach NATO databases and other important systems, including the portal of the alliance cooperation where data of 362 employees was stolen. The hacker also accessed the databases of the UN Civil Aviation Organization, extracting personal information of 42,000 individuals.
The attack on ICAO was confirmed in December when stolen data appeared in the Darknet. NATOHUB also claimed to have accessed personal data of 14,000 UN delegates. Spanish organizations such as SEPE, DGT, the National Factory of Coins and Stamps, and the Ministry of Defense were also targeted in the cyber attacks.
The investigation is ongoing to determine whether the hacker acted alone or had accomplices. The NATOHUB case has garnered significant attention in Spain, raising concerns about the effectiveness of modern cyber security measures.