Guacamaya (hacktivist group)

Last updated

Guacamaya (Spanish for 'macaw') is an international group of hackers that has published anonymous reports and leaked sensitive files in the public interest through Distributed Denial of Secrets and Enlace Hacktivista. It operates mainly in Central and Latin America and to date has hacked major corporations and the governments of Chile, Colombia, El Salvador, Guatemala, Mexico and Peru. [1] [2] [3]

Contents

Motivation

The group says they're motivated by anti-imperialism and environmentalism, and that they fight against transnational corporations and external intervention in Latin America, singling out extractivism and the armed forces and the defense of natural resources and native communities. [1] [4] [5] [6]

The group said they wanted to expose companies and governments, "so that everyone knows their way of operating, their actions, their profits and the interest that is clearly to profit no matter the damage they cause." Guacamaya told Motherboard in an email. "These hacks are another form of struggle and resistance, they are the continuation of an ancestral legacy; taking care of life. We hope to cause more people to join, to leak, sabotage, and hack these sources of oppression and injustice, so that the truth be known and that it is the people who decide to end it." [1] They told Cyberscoop that they target "anything that represents oppressive states, multinational corporations and, in short, anything that supports this system of death." [3]

Hacks

Attacks on transnational companies

In 2022, the group said they were responsible for a series of cyberattacks aimed at large mining companies in Latin America, including the Colombian oil company New Granada Energy Corporation, the Brazilian mining company Tejucana, the Venezuelan oil company Oryx Resources, the Ecuadorian state-owned mining company ENAMI EP, and the Chilean boric acid producer Quiborax. [1]

2022 Guatemalan Nickel Company Hack

In March 2022, Guacamaya first became known by hacking the mining company Compañía Guatemalteca de Níquel (CGN), a subsidiary of Solway Investment Group. The leaked documents reveal payments to Guatemalan Police who persecuted and detained activists and journalists who opposed the "Fénix" mining project in El Estor, Guatemala. [7]

Operation Fuerzas Represivas

In mid-2022, the group announced Operation Fuerzas Represivas, a series of cyberattacks aimed at the armed forces of Chile, Colombia, Mexico, Peru, and El Salvador. [4] [8]

Hacking of the Joint Chiefs of Staff of Chile in 2022

In 2022, the Chilean press reported on the hacking of the Chilean Joint Chiefs of Staff (EMCO), a massive leak of national security data. The leak was made up of emails sent and received between 2012 and May 2022 by EMCO, the agency in charge of intelligence, operations and logistics for national defence purposes. [4] General Guillermo Paiva Hernández, head of the country’s Joint Chiefs of Staff, resigned in response to the leak. [9]

Hacking of Mexico's National Defense Ministry (SEDENA) in 2022

On September 29, 2022, Mexican journalist Carlos Loret de Mola announced on his newscast that he had received six terabytes of hacked data from the Mexican Ministry of National Defense. [10] The leak, which contains internal communications and documents from the army's email servers from 2010 to 2022, is considered the largest in the history of Mexico. [11] Citing privacy concerns, the Guacamaya group categorized the data set as limited distribution. Journalists and organizations seeking access must provide credentials and agree to reproduce the records responsibly.

Known as the "SEDENA Leaks" or the "Guacamaya Leaks," the data set reveals the Mexican military's links to criminal organizations and the army's surveillance of opposition groups, politicians, journalists, and activists. [12] [13] [14] Among the revelations, the leaks demonstrate widespread sexual abuse within the army and the targeting of feminists groups as subversive organizations that pose a threat equal to cartels. [15] [16] They also show the military's use of the Pegasus spyware and its deployment against journalists, human rights activists, and government officials. [17] [18] [19] The leak reveals new details of the army's role in the Ayotzinapa case where forty-three students were forcibly disappeared. [20] [21] [22] Information on the health of President Andrés Manuel López Obrador, army contracts for the construction of the Mayan train, and the military's development of a tourist business, including parks, a national airline, museums, and hotels are also included in the leaked data. [23] [24]

The Mexican government's response to the hack has attempted to minimize and even deny the revelations. López Obrador, whose presidential campaign promised to end state surveillance of private citizens, continues to insist that his administration "does not spy." [25] [26]

Hacking of the Joint Command of the Armed Forces of Peru in 2022

In October 2022, a report in La Encerrona revealed a massive leak of military intelligence data Joint Command of the Armed Forces of Peru (CCFFAA). The report gave special focus to the Southern Operational Command of the Army. [27] The leaks revealed the military was monitoring reporters, left-wing parties and figures, and that they labeled civil organizations as a threat because they "infiltrate and advise the population against mining." The Peruvian military threatened to bring treason charges against a journalist with the independent Peruvian news outlet La Encerrona for reporting on the leak. [3]

NarcoFiles

In November 2023, the Organized Crime and Corruption Reporting Project joined with more than 40 media partners including Cerosetenta / 070, Vorágine, the Centro Latinoamericano de Investigación Periodística (CLIP) and Distributed Denial of Secrets and journalists in 23 countries and territories for the largest investigative project on organized crime to originate in Latin America, producing the 'NarcoFiles' report. The investigation was based on more than seven million emails from the Colombian prosecutor’s office which had been hacked by Guacamaya, including correspondence with embassies and authorities around the world. The files dated from 2001-2022 and included audio clips, PDFs, spreadsheets, and calendars. [28] [29] The investigation revealed new details about the global drug trade and over 44 tons of "controlled deliveries" carried out to infiltrate the drug trade [30] [31] and how criminals corrupt politicians, bankers, accountants, lawyers, law enforcement agents, hackers, logistics experts, and journalists in order to use logistical, financial, and digital infrastructures. [32]

See also

Related Research Articles

<span class="mw-page-title-main">Mexican Air Force</span> Air warfare branch of the Mexican Army

The Mexican Air Force is the air service branch of the Mexican Armed Forces. It is a component of the Mexican Army and depends on the National Defense Secretariat (SEDENA). The objective of the FAM is to defend the integrity, independence, and sovereignty of Mexico. Its auxiliary tasks include internal security, assisting with public works, and natural disaster management. As of 2023, its commander is Bertín Hernández Mercado.

<span class="mw-page-title-main">Iguala</span> City in the Mexican state of Guerrero

Iguala, known officially as Iguala de la Independencia, is a historic city located 102 km (63 mi) from the state capital of Chilpancingo, in the Mexican state of Guerrero in southwestern Mexico.

<span class="mw-page-title-main">Mexican Army</span> Combined land and air branches of the Mexican Armed Forces

The Mexican Army is the combined land and air branch and is the largest part of the Mexican Armed Forces; it is also known as the National Defense Army.

The Mexican Secretariat of National Defense(SEDENA); Spanish: Secretaría de la Defensa Nacional is the government department responsible for managing Mexico's Army and Air Forces. Its head is the Secretary of National Defense who, like the co-equal Secretary of the Navy, is directly answerable to the President. Before 1937, the position was called the Secretary of War and Navy (Secretaría de Guerra y Marina). The agency has its headquarters in Lomas de Sotelo, Miguel Hidalgo, Mexico City. Some key figures who answer directly to the Secretary are the Assistant Secretary, the Chief of Staff of the Armed Forces, and all military tribunals.

Firearms regulation in Mexico is governed by legislation which sets the legality by which members of the armed forces, law enforcement and private citizens may acquire, own, possess and carry firearms; covering rights and limitations to individuals—including hunting and shooting sport participants, property and personal protection personnel such as bodyguards, security officers, private security, and extending to VIPs.

<span class="mw-page-title-main">FX-05 Xiuhcoatl</span> Mexican assault rifle

The FX-05 Xiuhcoatl is a Mexican assault rifle, designed and built by the Dirección General de Industria Militar del Ejército through the Fabricas Militares. The rifle was officially presented in the military parade on September 16, 2006, in the hands of the Special Forces Airmobile Group, GAFE.

<span class="mw-page-title-main">Office of the Attorney General of Colombia</span>

The Office of the Attorney General of Colombia is the Colombian institution part of the Colombian judicial branch of Government with administrative autonomy designed to prosecute offenders, investigate crimes, review judicial processes and accuse penal law infractions against judges and courts of justice. The Office of the Attorney General was created by the Colombian Constitution of 1991 and began operating on July 1, 1992.

<span class="mw-page-title-main">Campo Marte</span>

Campo Marte is a venue under the administration of the Secretariat of National Defense (SEDENA). Named after the Campus Martius, it is used for military and government events, as well as equestrian events. Campo Marte is located next to the National Auditorium in Chapultepec Park, Mexico City.

The Organized Crime and Corruption Reporting Project (OCCRP) is a global network of investigative journalists with staff on six continents. It was founded in 2006 and specializes in organized crime and corruption.

<span class="mw-page-title-main">Salvador Cienfuegos</span> Mexican army officer and politician (born 1948)

Salvador Cienfuegos Zepeda is a retired Mexican Army officer. He served as the Secretary of National Defense in the government of President Enrique Peña Nieto from 2012 to 2018.

<span class="mw-page-title-main">Iguala mass kidnapping</span> 2014 abduction of college students

On September 26, 2014, forty-three male students disappeared from the Ayotzinapa Rural Teachers' College after being forcibly abducted in Iguala, Guerrero, Mexico. They were allegedly taken into custody by local police officers from Iguala and Cocula in collusion with organized crime. The mass kidnapping provoked international protests and social unrest, leading to the resignation of Guerrero Governor Ángel Aguirre Rivero in the face of statewide protests on October 23, 2014.

<span class="mw-page-title-main">Phineas Fisher</span> Hacktivist

Phineas Fisher is an unidentified hacktivist and self-proclaimed anarchist revolutionary. Notable hacks include the surveillance company Gamma International, Hacking Team, the Sindicat De Mossos d'Esquadra and the ruling Turkish Justice and Development Party three of which were later made searchable by WikiLeaks.

<span class="mw-page-title-main">Érick Valencia Salazar</span> Mexican gangster

Érick Valencia Salazar, commonly referred to by his alias El 85, is a Mexican drug lord and high-ranking leader of the Nueva Plaza Cartel. He previously served as a high-ranking leader of the Jalisco New Generation Cartel (CJNG), a criminal group based in Jalisco. The Mexican Army suspects he was responsible for supervising the CJNG's cocaine and ephedrine delivery shipments from Colombia and China to Mexico, and for coordinating attacks against rival groups like La Resistencia and Los Zetas in the 2010s. Before leading the CJNG, Valencia reportedly held a leadership role within the Milenio Cartel, the predecessor group where the CJNG originated from. When several of his superiors were arrested and/or killed, Valencia and several others from the Milenio Cartel reportedly formed the CJNG.

<span class="mw-page-title-main">Distributed Denial of Secrets</span> Whistleblowing organization

Distributed Denial of Secrets, abbreviated DDoSecrets, is a non-profit whistleblower site founded in 2018 for news leaks. The site is a frequent source for other news outlets and has worked on investigations including Cyprus Confidential with other media organisations. In December 2023, the organisation said it had published over 100 million files from 59 countries.

Suisse Secrets was a February 2022 leak of details of more than CHF 100 billion held in nominee accounts linked to over 30,000 clients of Credit Suisse, the largest ever leak from a major Swiss bank. It revealed that autocrats, oligarchs, war criminals, human traffickers and drug dealers had accounts with Credit Suisse, a failure of the bank to apply due diligence. Swiss media was disallowed from publishing any investigatory work due to strict banking secrecy laws, which brought up their collective concern that such laws run contrary to freedom of the press.

<span class="mw-page-title-main">4th Army Division (Peru)</span> Division of the Peruvian Army

The 4th Army Division is a unit of the Peruvian Army.

Operation Mongoose Azteca is the code name for a joint operation carried out by US and Mexican intelligence and military forces to detect the criminal activities of the Sinaloa Cartel and which led to the capture of the son of Joaquín "El Chapo" Guzmán, Ovidio Guzmán López, aka "El Ratón". After this successful operation, several municipalities including the capital of the state of Sinaloa, Culiacán, were the target of road blockades, gun fights and several other riots, orchestrated by militant forces of the Sinaloa Cartel. After constant tracking and joint intelligence activities between the United States and Mexico, a Sinaloa Cartel convoy was located in the town of Jesus María, where Ovidio Guzmán was recaptured.

The SAX-200 Xiuhcóatl is a 5.56×45mm NATO submachine gun for exclusive use by the Mexican Army and Air Force developed by the Centro de Investigación Aplicada y Desarrollo Tecnológico de la Industria Militar and produced by Dirección General de Industria Militar.

Los Ninis are the main armed wing of the faction of the Sinaloa Cartel, known as Los Chapitos. Made up of loyal young hit men between the ages of 20 and 35, well-trained in urban combat operations, they operate as a security force for the leaders of that faction, as well as to torture and kill anyone who opposed Los Chapitos. They are also given tasks such as monitoring and taking care of drug laboratories, cartel camps and drug trafficking routes.

References

  1. 1 2 3 4 "Meet the Environmental Hacktivists Trying to 'Sabotage' Mining Companies". www.vice.com. Archived from the original on 2022-11-08. Retrieved 2022-11-08.
  2. "Mexican president confirms 'Guacamaya' hack targeting regional militaries". The Record by Recorded Future. 2022-09-30. Archived from the original on 2022-11-08. Retrieved 2022-11-08.
  3. 1 2 3 "The politics and power of Latin American hacktivists Guacamaya". CyberScoop. 2023-01-19. Archived from the original on 2023-01-24. Retrieved 2023-01-25.
  4. 1 2 3 Laborde, Antonia (2022-09-24). "Una filtración de correos fuerza la salida del jefe del Estado Mayor de Chile". El País Chile (in Spanish). Archived from the original on 2022-10-12. Retrieved 2022-11-08.
  5. "'Guacamaya', el grupo de hackers que ataca multinacionales y fuerzas armadas de América Latina" (in Spanish). Archived from the original on 2022-11-21. Retrieved 2022-11-08.
  6. "Hacking collective behind the "Mining Secrets" leak : "The struggle of one territory must be the struggle of all" | Forbidden Stories". forbiddenstories.org. Archived from the original on 2022-11-04. Retrieved 2022-11-08.
  7. "Filtración de documentos confirma cooptación del Estado guatemalteco por empresa minera | ElFaro.net". elfaro.net. Archived from the original on 2022-11-21. Retrieved 2022-11-08.
  8. Mostrador, El (2022-09-20). "Autoridades del Ministerio de Defensa serán citadas a comisión del Senado, tras filtración de 400 mil correos del Estado Mayor Conjunto de las FF.AA". El Mostrador (in Spanish). Archived from the original on 2022-10-20. Retrieved 2022-11-08.
  9. "Chile's top general resigns over intel leak". MercoPress. Archived from the original on 2023-01-25. Retrieved 2023-01-25.
  10. "Loret Capítulo 96". Latin US (in Mexican Spanish). 2022-09-30. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  11. "La mayor filtración de la historia de México deja al descubierto los 'secretos' de AMLO". El Financiero (in Spanish). Archived from the original on 2022-10-14. Retrieved 2022-11-08.
  12. Secrets, Distributed Denial of (2022-10-11). "Limited distribution: Secretaría de la Defensa Nacional México (6 TBs)". Distributed Email of Secrets. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  13. "Massive Leak of Military Docs Reveals Mexico Armed Cartels, Surveilled Journalists & Zapatistas". Democracy Now!. Archived from the original on 2023-05-18. Retrieved 2023-06-06.
  14. "Ken Salazar, con marcaje personal de la Sedena". El Universal (in Spanish). Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  15. Reina, Georgina Zerega, Elena (2022-10-02). ""Tengo miedo de que me hagan daño": los correos del Ejército mexicano desvelan decenas de abusos sexuales en la institución". El País México (in Mexican Spanish). Archived from the original on 2022-11-08. Retrieved 2022-11-08.{{cite web}}: CS1 maint: multiple names: authors list (link)
  16. "Correos Sedena: el Ejército vigila a colectivos feministas y los clasifica a la par de organizaciones subversivas". Latin US (in Mexican Spanish). 2022-10-02. Archived from the original on 2022-11-03. Retrieved 2022-11-08.
  17. Kitroeff, Natalie; Bergman, Ronen (2023-03-07). "Spying by Mexico's Armed Forces Brings Fears of a 'Military State'". The New York Times. ISSN   0362-4331. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  18. "#EjércitoEspía: los casos de Pegasus en el sexenio de López Obrador". Aristegui Noticias (in Spanish). Archived from the original on 2022-11-18. Retrieved 2022-11-08.
  19. Kitroeff, Natalie; Bergman, Ronen (2023-05-22). "He Was Investigating Mexico's Military. Then the Spying Began". The New York Times. ISSN   0362-4331. Archived from the original on 2023-06-05. Retrieved 2023-06-06.
  20. "Guacamaya Leaks and the Ayotzinapa Case | National Security Archive". nsarchive.gwu.edu. 2023-03-10. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  21. "#SedenaLeaks: La secreta "Operación Limpieza" del Ejército en el caso Ayotzinapa - MCCI". contralacorrupcion.mx (in European Spanish). Archived from the original on 2022-11-03. Retrieved 2022-11-08.
  22. "Mexico's Missing: 100,000+ Cases Unsolved as Leaked Military Docs Shed New Light on Ayotzinapa 43". Democracy Now!. 2023-03-15. Archived from the original on 2023-06-17. Retrieved 2023-06-22.
  23. "Hackers obtienen información de Sedena; revelan enfermedades de AMLO". ADNPolítico (in Spanish). 2022-09-30. Archived from the original on 2022-11-03. Retrieved 2022-11-08.
  24. "Correos Sedena: el "business plan" del Ejército que busca administrar una mega agencia de turismo con parques, aerolínea, museos y hoteles". Latin US (in Mexican Spanish). 2022-10-03. Archived from the original on 2022-11-07. Retrieved 2022-11-08.
  25. Camhaji, Elías (2022-10-05). "La Sedena rompe el silencio tras la filtración masiva de Guacamaya y niega las acusaciones de espionaje a periodistas". El País México (in Mexican Spanish). Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  26. AMLO niega que se espíe a periodistas y opositores, archived from the original on 2023-06-06, retrieved 2023-06-06
  27. PERÚ, NOTICIAS EL COMERCIO (2022-10-06). "Elecciones 2022 | Hackean a Ejército peruano y revelan existencia de informes de seguimiento a postulantes de las Elecciones Regionales y Municipales, según reporte | VIDEO Guacamaya Leaks rmmn | POLITICA". El Comercio Perú (in Spanish). Archived from the original on 2022-11-27. Retrieved 2022-11-08.
  28. OCCRP. "What Is 'NarcoFiles: The New Criminal Order'? Everything You Need To Know". OCCRP. Retrieved 2023-12-24.
  29. Project, Organized Crime and Corruption Reporting. "NarcoFiles: The New Criminal Order". OCCRP. Retrieved 2023-12-24.
  30. "The Highway to Europe: Inside a Global Drug Collaboration - OCCRP". The Highway to Europe: Inside a Global Drug Collaboration - OCCRP. Retrieved 2023-12-24.
  31. Vélez (CLIP-OCCRP), Kevin G. Hall (OCCRP), Nathan Jaccard (OCCRP), Jacqueline Charles (Miami Herald), and Juanita. "Colombian Leak Gives Rare Glimpse Into Secretive World of 'Controlled' Drug Deliveries". OCCRP. Retrieved 2023-12-24.{{cite web}}: CS1 maint: multiple names: authors list (link)
  32. Radu, Paul. "The Transnational Public Enemy". OCCRP. Retrieved 2023-12-24.