Spanish Police Shut Down €140 Million Cybercrime Network in Major Operation
Spanish National Police have dismantled a cybercrime operation linked to the theft and laundering of approximately €140 million via fraudulent investment platforms, CEO fraud, invoice manipulation, and man-in-the-middle attacks.
Key Details of the Operation
The operation involved four individuals detained in Portugal, Spain, and Panama. Law enforcement detected 19 entities with suspicious financial patterns, leading to an investigation into banking records, corporate registrations, and account-opening procedures.
Suspects and Locations
Four individuals were detained: two in Portugal, one in Spain, and one in Panama. The primary suspect had relocated to Porto, Portugal, where a raid was executed.
Methods Used
The suspects established over 800 bank accounts to receive illicit proceeds, which were rapidly redistributed through a secondary network to obscure the criminal funds. The operation also included CEO fraud schemes and invoice manipulation.
“The suspects established a system of over 800 bank accounts to receive illicit proceeds from victims,” authorities stated. “These funds were rapidly redistributed through a secondary network of accounts, creating a transaction chain that obscured the criminal proceeds.”
Investigation and Arrests
Law enforcement conducted raids across six sites in Barcelona, Girona, and Tarragona, Spain, as well as in Porto, Portugal. A separate arrest occurred in Panama with assistance from Interpol and local authorities.
Operation Details
Investigators used surveillance, wiretaps, and collaboration with global partners to trace the network. Over 170 mobile devices and 15 computers used for fraudulent activities were seized.
Seizures and Ongoing Efforts
More than €94 million has been traced within the network, alongside €61 million stolen in 2024 through a CEO fraud scheme. €3 million in illicit funds was frozen for potential restitution to victims.
Global Connections and Future Steps
Investigators continue to assess the group’s global connections. The operation highlights the complexity of cross-border cybercrime and the need for international cooperation.
