Spanish police have arrested a British national accused of leading an organized cybercrime group that hacked dozens of US companies.
The unnamed British national, aged 22, was arrested at Palma airport as he was about to leave the country on a charter flight to Naples, Spanish police confirmed. in a press release.
In a statement, Spanish police said the alleged ringleader of the hackers used phishing techniques to steal passwords to break into at least 45 companies in the United States, which allowed the companies’ internal information and cryptocurrencies to be stolen. According to police, the accused hacker had control of $27 million in cryptocurrency at the time of his arrest.
ONE video of the suspect’s arrest posted by police on YouTube.
Spanish police have not named the person charged or the cybercrime group he allegedly led. An FBI spokesman declined to comment when contacted by TechCrunch.
TechCrunch understands the person being arrested is the alleged leader of the group that masterminded the cyberattacks targeting Twilio in 2022, according to a person with knowledge of the cybercrime operations.
The arrested man allegedly led a hacker group called “0ktapus” that hacked twice into Twilio, a company that provides calling and messaging services to other companies. The months-long hacking spree during 2022 captured nearly 10,000 employee passwords that were then used to break into Twilio customers’ networks. The gang targeted over a hundred Twilio customers, including DoorDash and Signal, using phishing lures designed to look like Okta login pages, for which the group lends its name.
TechCrunch is not naming the alleged suspect as it is unclear if he has yet been charged with any crimes.
The arrest comes nearly two years after the 0ktapus gang first emerged as a cybercrime player, underscoring the complexity of investigating some cybercrime groups.
The hackers are said to be part of a wider cybercriminal community, dubbed “the Com” by researchers, which has emerged in recent years as a large cloud network of mostly young adults that excels at social engineering and impersonation tactics, such as tricking employees into hand over their corporate passwords. According to Cyberscoop, the FBI recently described Com as “a very large, expansive, disbursing group of people” around 1,000 people worldwide are said to participate. Some of Com’s activities have involved the use of physical violence and threatsincluding attacks against sparring hackers.
Those linked to Com, albeit through different names and group references, have been accused of cyberattacks targeting Las Vegas casino giants MGM and Caesars Entertainment.
Earlier this year, US prosecutors charged a 19-year-old Florida resident with multiple counts of wire fraud, identity theft and conspiracy. Security reporter Brian Krebs linked the alleged hacker to the 0ktapus gang.
