Guacamaya (hacktivist group)
Guacamaya is an international group of hackers that has published anonymous reports and leaked sensitive files in the public interest through Distributed Denial of Secrets and Enlace Hacktivista. It operates mainly in Central and Latin America and to date has hacked major corporations and the governments of Chile, Colombia, El Salvador, Guatemala, Mexico and Peru.[1][2][3]
Motivation
The group says they're motivated by anti-imperialism and environmentalism, and that they fight against transnational corporations and external intervention in Latin America, singling out extractivism and the armed forces and the defense of natural resources and native communities.[1][4][5][6]
The group said they wanted to expose companies and governments, "so that everyone knows their way of operating, their actions, their profits and the interest that is clearly to profit no matter the damage they cause." Guacamaya told Motherboard in an email. "These hacks are another form of struggle and resistance, they are the continuation of an ancestral legacy; taking care of life. We hope to cause more people to join, to leak, sabotage, and hack these sources of oppression and injustice, so that the truth be known and that it is the people who decide to end it."[1] They told Cyberscoop that they target "anything that represents oppressive states, multinational corporations and, in short, anything that supports this system of death."[3]
Hacks
Attacks on transnational companies
In 2022, the group said they were responsible for a series of cyberattacks aimed at large mining companies in Latin America, including the Colombian oil company New Granada Energy Corporation, the Brazilian mining company Tejucana, the Venezuelan oil company Oryx Resources, the Ecuadorian state-owned mining company ENAMI EP, and the Chilean boric acid producer Quiborax.[1]
2022 Guatemalan Nickel Company Hack
In March 2022, Guacamaya first became known by hacking the mining company Compañía Guatemalteca de Níquel (CGN), a subsidiary of Solway Investment Group. The leaked documents reveal payments to Guatemalan Police who persecuted and detained activists and journalists who opposed the "Fénix" mining project in El Estor, Guatemala.[7]
Operation Fuerzas Represivas
In mid-2022, the group announced Operation Fuerzas Represivas, a series of cyberattacks aimed at the armed forces of Chile, Colombia, Mexico, Peru, and El Salvador.[8][9]
Hacking of the Joint Chiefs of Staff of Chile in 2022
In 2022, the Chilean press reported on the hacking of the Chilean Joint Chiefs of Staff (EMCO), a massive leak of national security data. The leak was made up of emails sent and received between 2012 and May 2022 by EMCO, the agency in charge of intelligence, operations and logistics for national defence purposes.[8] General Guillermo Paiva Hernández, head of the country’s Joint Chiefs of Staff, resigned in response to the leak.[10]
Hacking of Mexico's National Defense Ministry (SEDENA) in 2022
On September 29, 2022, Mexican journalist Carlos Loret de Mola announced on his newscast that he had received six terabytes of hacked data from the Mexican Ministry of National Defense.[11] The leak, which contains internal communications and documents from the army's email servers from 2010 to 2022, is considered the largest in the history of Mexico.[12] Citing privacy concerns, the Guacamaya group categorized the data set as limited distribution. Journalists and organizations seeking access must provide credentials and agree to reproduce the records responsibly.
Known as the "SEDENA Leaks" or the "Guacamaya Leaks," the data set reveals the Mexican military's links to criminal organizations and the army's surveillance of opposition groups, politicians, journalists, and activists.[13][14][15] Among the revelations, the leaks demonstrate widespread sexual abuse within the army and the targeting of feminists groups as subversive organizations that pose a threat equal to cartels.[16][17] They also show the military's use of the Pegasus spyware and its deployment against journalists, human rights activists, and government officials.[18][19][20] The leak reveals new details of the army's role in the Ayotzinapa case where forty-three students were forcibly disappeared.[21][22][23] Information on the health of President Andrés Manuel López Obrador, army contracts for the construction of the Mayan train, and the military's development of a tourist business, including parks, a national airline, museums, and hotels are also included in the leaked data.[24][25]
The Mexican government's response to the hack has attempted to minimize and even deny the revelations. López Obrador, whose presidential campaign promised to end state surveillance of private citizens, continues to insist that his administration "does not spy."[26][27]
Hacking of the Joint Command of the Armed Forces of Peru in 2022
In October 2022, a report in La Encerrona revealed a massive leak of military intelligence data Joint Command of the Armed Forces of Peru (CCFFAA). The report gave special focus to the Southern Operational Command of the Army.[28] The leaks revealed the military was monitoring reporters, left-wing parties and figures, and that they labeled civil organizations as a threat because they "infiltrate and advise the population against mining." The Peruvian military threatened to bring treason charges against a journalist with the independent Peruvian news outlet La Encerrona for reporting on the leak.[3]
References
- "Meet the Environmental Hacktivists Trying to 'Sabotage' Mining Companies". www.vice.com. Retrieved 2022-11-08.
- "Mexican president confirms 'Guacamaya' hack targeting regional militaries". The Record by Recorded Future. 2022-09-30. Retrieved 2022-11-08.
- "The politics and power of Latin American hacktivists Guacamaya". CyberScoop. 2023-01-19. Retrieved 2023-01-25.
- Laborde, Antonia (2022-09-24). "Una filtración de correos fuerza la salida del jefe del Estado Mayor de Chile". El País Chile (in Spanish). Retrieved 2022-11-08.
- "'Guacamaya', el grupo de hackers que ataca multinacionales y fuerzas armadas de América Latina" (in Spanish). Retrieved 2022-11-08.
- "Hacking collective behind the "Mining Secrets" leak : "The struggle of one territory must be the struggle of all" | Forbidden Stories". forbiddenstories.org. Retrieved 2022-11-08.
- "Filtración de documentos confirma cooptación del Estado guatemalteco por empresa minera | ElFaro.net". elfaro.net. Retrieved 2022-11-08.
- Laborde, Antonia (2022-09-24). "Una filtración de correos fuerza la salida del jefe del Estado Mayor de Chile". El País Chile (in Spanish). Retrieved 2022-11-08.
- Mostrador, El (2022-09-20). "Autoridades del Ministerio de Defensa serán citadas a comisión del Senado, tras filtración de 400 mil correos del Estado Mayor Conjunto de las FF.AA". El Mostrador (in Spanish). Retrieved 2022-11-08.
- "Chile's top general resigns over intel leak". MercoPress. Retrieved 2023-01-25.
- "Loret Capítulo 96". Latin US (in Mexican Spanish). 2022-09-30. Retrieved 2023-06-06.
- "La mayor filtración de la historia de México deja al descubierto los 'secretos' de AMLO". El Financiero (in Spanish). Retrieved 2022-11-08.
- Secrets, Distributed Denial of (2022-10-11). "Limited distribution: Secretaría de la Defensa Nacional México (6 TBs)". Distributed Email of Secrets. Retrieved 2023-06-06.
- "Massive Leak of Military Docs Reveals Mexico Armed Cartels, Surveilled Journalists & Zapatistas". Democracy Now!. Retrieved 2023-06-06.
- "Ken Salazar, con marcaje personal de la Sedena". El Universal (in Spanish). Retrieved 2023-06-06.
- Reina, Georgina Zerega, Elena (2022-10-02). ""Tengo miedo de que me hagan daño": los correos del Ejército mexicano desvelan decenas de abusos sexuales en la institución". El País México (in Mexican Spanish). Retrieved 2022-11-08.
{{cite web}}
: CS1 maint: multiple names: authors list (link) - "Correos Sedena: el Ejército vigila a colectivos feministas y los clasifica a la par de organizaciones subversivas". Latin US (in Mexican Spanish). 2022-10-02. Retrieved 2022-11-08.
- Kitroeff, Natalie; Bergman, Ronen (2023-03-07). "Spying by Mexico's Armed Forces Brings Fears of a 'Military State'". The New York Times. ISSN 0362-4331. Retrieved 2023-06-06.
- "#EjércitoEspía: los casos de Pegasus en el sexenio de López Obrador". Aristegui Noticias (in Spanish). Retrieved 2022-11-08.
- Kitroeff, Natalie; Bergman, Ronen (2023-05-22). "He Was Investigating Mexico's Military. Then the Spying Began". The New York Times. ISSN 0362-4331. Retrieved 2023-06-06.
- "Guacamaya Leaks and the Ayotzinapa Case | National Security Archive". nsarchive.gwu.edu. 2023-03-10. Retrieved 2023-06-06.
- "#SedenaLeaks: La secreta "Operación Limpieza" del Ejército en el caso Ayotzinapa - MCCI". contralacorrupcion.mx (in European Spanish). Retrieved 2022-11-08.
- "Mexico's Missing: 100,000+ Cases Unsolved as Leaked Military Docs Shed New Light on Ayotzinapa 43". Democracy Now!. 2023-03-15.
- "Hackers obtienen información de Sedena; revelan enfermedades de AMLO". ADNPolítico (in Spanish). 2022-09-30. Retrieved 2022-11-08.
- "Correos Sedena: el "business plan" del Ejército que busca administrar una mega agencia de turismo con parques, aerolínea, museos y hoteles". Latin US (in Mexican Spanish). 2022-10-03. Retrieved 2022-11-08.
- Camhaji, Elías (2022-10-05). "La Sedena rompe el silencio tras la filtración masiva de Guacamaya y niega las acusaciones de espionaje a periodistas". El País México (in Mexican Spanish). Retrieved 2023-06-06.
- AMLO niega que se espíe a periodistas y opositores, retrieved 2023-06-06
- PERÚ, NOTICIAS EL COMERCIO (2022-10-06). "Elecciones 2022 | Hackean a Ejército peruano y revelan existencia de informes de seguimiento a postulantes de las Elecciones Regionales y Municipales, según reporte | VIDEO Guacamaya Leaks rmmn | POLITICA". El Comercio Perú (in Spanish). Retrieved 2022-11-08.