José Luis Huertas, known as Alcasec In the cyber world, he is again on the front line of the news after being arrested last Tuesday with the “former two” of the Ministry of InteriorFrancisco Martínez.
In this case He is accused of the crimes of money laundering, discovery and revelation of secrets and criminal organization.
Your new ones victims have now been the National Commission of Markets and Competition (CNMC), the Civil Registry, the General Directorate of Traffic (DGT) and State Ports. However, police inquiries began in 2024 when cyber attacks were detected to public agencies, companies in the energy sector, ports, telephone networks, transport systems and educational platforms. One of these public institutions suffered illicit access to their computer services. There was a massive personal data on mobile phone lines.
Young cybercrime
This young 21 -year -old hacker is an old police acquaintance and has a wide criminal record. Being a minor, he already accessed the bases of the General Directorate of the Police, which led to his first detention, in which the former Secretary of Interior State of the PP Francisco Martínez was attended as a lawyer, with which he has now been arrested again in the so -called Operation Borraska.
From an early age, Alcasec proved to be a talented hacker, mocking the safety of notable systems and organizationssuch as the Bicycle Rental Service of the Madrid City Council. Through his ingenuity and generosity when offering free products and services, he won a base of followers on social networks, being nicknamed as a “Robin Hood” digital.
Nevertheless, His career took a darker course when he started using tactics such as ‘Smishing’through falsified SMS messages to steal bank data. At that time he caught his relationship with the media ‘little Nicolás’, who supposedly acted as his mentor in the world of hacking, urging him to perform more sophisticated attacks. However, his friendship was affected by disagreements, such as the interest of the ‘little Nicolás’ in accessing information about influential people, including politicians and businessmen.
Alcasec, his first arrest
In 2021 there was his first arrest as the alleged perpetrator of a crime of computer intrusion and revelation of secrets, accessing different police databasesto which he re -entered during the period in which he was admitted to a minor center in Almería through the computer classroom computer in 2022.
Among them to Caupol, an internal tool that allows to know the names of the people whose information consults the agents and also which agents are consulting it.
When detecting that new attack, the General Subdirectorate of Logistics and Innovation of the National Police managed to block remote access to the corporate network, and the young man, given the possibility of an imminent detention, He threatened to publish the personal data of the members of the National Police whom he had accessed.
Neutral
With 19 years he was involved in other illegal activities that led him to jail and to face accusations related to the obtaining and dissemination of confidential data.
In March 2023, he was arrested again by order of the National Court by the Attack in October 2022 to the website of the Judicial Neutral Point of the General Council of the Judiciary (CGPJ)from which he extracted the bank data of more than half a million taxpayers.
He offered all the data that had been subtracting in his cyber attacks through a platform called UDYAT “The Eye of Horus”, referring to this Egyptian symbol and the ability of this computer architecture to obtain personal and sensitive data. In an interview on YouTube, he came to boast about his access to information of 90% of Spanish citizens. Through that platform, the researchers estimate that in total 1,866,175.73 euros could be pocketed.
After spending a month and a half in prison, Huertas chose to collaborate with justice and asked to declare before the judge of the National Court José Luis Calama, which was the one who sent him to jail and who then decided to release him provisional when facilitating the passwords of the devices in which he kept his portfolio of Bitcoins, Trust Wallet.
In its electronic devices a total of 32,943 bitcoins (BTC) were intervened, which could be confiscated in a precautionary way by the court.
After these bitcoins were transformed, the Court transferred a total of 863,375.37 euros to the Orga, the agency of the General State Administration and auxiliary of the Ministry of Justice, for its entry into its account of deposits and consignments.
Alcasec also facilitated the password of an iPhone and the telephone study revealed that from December 27, 2021 to February 4, 2022, it received notifications of cryptocurrency movements worth 365,000 euros.
The investigation of the National Court, as stated in the police reports, It allowed to prove the illicit access of Alcasec with another hacker, Daniel Baíllo, in addition to the judicial neutral point, to the bases of the DGTwhich allowed them to sell false driving permits, the increase in card points and real -time data consultation.
Also to the information systems of the Tax Agency, from where extracted more than forty thousand records related to official mail users of said agency.
They also entered the database of the Yoigo telephony operator, to which they usurped personal and banking data of more than 900,000 clients.
Through the Sara Network, they also accessed the information systems of the Community of Madrid, Presidency and Health, facts that are investigated in an Instruction Court in Madrid, as well as access to police bases of the General Directorate of the Police, whose data allegedly offered to members of criminal groups in exchange for money.
Another of its incursions was to the databases of the Government of the Republic of Peru, which allowed them to forgery the identity documents of that country.
They also committed telematic scams, among others, against two former realists of Real Madrid, one of whom usurped 324,262.59 euros.
Alcasec is pending being tried for the cause of access to the judicial neutral point with Baíllo and another defendant. The National Court Prosecutor’s Office asks for three years in jail for two continued crimes of illegal access to computer systems and discovery and revelation of secrets, a slight penalty when applying the very qualified mitigating attenuator of late confession.
After leaving prison he gave signs of some repentance and came to ensure that the prison had come well, although In 2024 he was arrested again in relation to new cyber attacks and the times that has been summoned as accused in different courts has accepted its right not to declare.
Now, it has been arrested again as a member of a network dedicated to launching cyber attacks to state agencies and strategic companies with which they would have managed to steal data from millions of Spaniards and organize a structure with international ramifications for the money laundering of that money.
In the list of Attacks appear educational systems, civil registration, pet records, transport fertilizers, telephone records and billing platforms of electricity companies.