Hacking gang shut down

For the first time in Spain, the National Police has struck a blow against a network of hackers connected to the Dominican Don’t Play (DDP) youth gang, which used financing through cybercrime to pay for the ‘war’ between rival groups, acquire weapons, narcotics and send money to its members in prison. In total there are 66 detainees, including 19 members of various ‘choirs’ of the gang in Madrid, after making 19 entries and searches in the capital, Getafe, Pozuelo and Soria.

According to the National Police, the criminal organisation, which managed to capture half a million euro, carried out bank fraud through social engineering techniques throughout Spain, using the knowledge of nine hackers of Brazilian nationality. The investigation, which dates back to September 2021, is coordinated by the Investigating Court number 36 of Madrid.

So far, a total of 59 victims have been detected throughout Spain and it is estimated that the money defrauded exceeds 500,000 euro, of which 30% was derived from DDP’s criminal activity and the rest from the hacker network. The organisation had crypto wallets worth more than two million euro.

Two pistols, three shotguns, five machetes, a katana, ammunition, cash, and various items related to the Dominican Don’t Play have been seized. The network invested in virtual currencies and diverted assets in favour of members of the DDP and towards ‘mules’ captured by the gang, specifically in the ‘choirs’ of Embajadores, Arganzuela, Alcobendas, Ciudad Lineal and Leganés.

“This is a qualitative leap in the financing network of these gangs, who seek to outsource their networks with allies from other criminal groups”, explained José García Serrano, from the Canillas Complex, the team of investigators led by the chief commissioner of the Brigade of Computer Fraud.

This is an ‘agreement’ devised for the benefit of both parties: hackers manage to increase their ability to move money and DDPs diversify their financing circuits through computer crimes known in police jargon as white-collar, among other things because they develop with greater anonymity than that obtained from common crime.

Those arrested -in the case of DDP, most of them second-generation Spaniards, although there are also from South America, Romania or Morocco- are considered presumably responsible for the crimes of belonging to a criminal organisation, bank fraud, trafficking in human beings for the purpose of committing crimes, drug trafficking, illegal possession of weapons, attempted murder, extortion and identity theft.

The investigators have been able to prove that the members of the DDP used minors to carry out various criminal activities under the promise of belonging or progressing in the gang. They were instructed to commit crimes from the occupations of buildings, purchase of drugs, robberies, “overturns” of rival gangs and even murders.

In this sense, the Police have proven that two members of the DDP presumably ordered the attempted murder of a former member of the Trinidadians, a group with whom they had a pending revenge since 2009. The event occurred on June 5, when two young men entered a Madrid cider house and shot a waiter who had belonged to the Trinitarians.

One of those arrested now, in addition, forced the authors to keep the phone on when they were in the bar to be able to listen live to the development of the assignment. Later, another member of the DDP who had also ordered the murder was arrested. “DDP and Trinitarios are on a par right now”, the police commanders have recognised the rivalry between gangs, before which they have reinforced the means to stop this type of crime.

Once the agents began to trace the origin of the money, they were able to find out that it had its origin in the commission of computer crimes carried out through social engineering techniques, following the hackers’ strategy.

In this way, they used techniques known as ‘phishing’ through fraudulent emails, ‘vishing’ to steal banking information with fraudulent websites and phone calls or ‘smishing’, which uses text messages to make the user believe that they have made a fraudulent purchase, which leads to the theft of bank details.

In addition, the investigators detected that, after the actions committed by the hackers, they carried out patrimonial diversions in favour of members of the DDP and towards ‘mules’ captured by the gang. Subsequently, the money was withdrawn by the members of the gang at ATMs to then invest it in virtual currencies, verifying that some of the cryptocurrencies of those investigated had virtual currency worth more than two million euro.