Security News Kelvin Security hacking group leader arrested in Spain


Level 76
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
The Spanish police have arrested one of the alleged leaders of the 'Kelvin Security' hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020.

News of the arrest of a leader of the financial component of the group was posted to the Spanish National Police's Telegram channel Sunday morning, stating that the threat actors are linked to attacks on government institutions across Spain, Germany, Italy, Argentina, Chile, Japan, and the United States.

"The group's main objectives are critical infrastructure and government institutions, having attacked the City Councils of Getafe (Madrid), Camas (Seville), La Haba (Badajoz) and the Government of Castilla-La Mancha in Spain," reads the machine-translated Telegram post.

Kelvin Security is a hacking group believed to have been active since 2013, leveraging vulnerabilities in public-facing systems to obtain valid user credentials and steal confidential data from breached systems.

The threat actors were active on hacking forums, such as RaidForums and BreachForums, where they would sell the stolen data or leak it for free to other threat actors.

Two notable examples of Kelvin Security breaches are an attack on Vodafone Italia in November 2022 and a breach on U.S. consulting firm Frost & Sullivan in June 2020.

In both cases, Kelvin Security attempted to sell the data they had obtained from the victimized companies on hacker forums.

More recently, in April 2023, cybersecurity firm Cyfirma reported discovering links between Kelvin Security and ARES, a newly-emerged cybercrime platform dedicated to selling databases stolen from state organizations.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.