Guacamaya (hacktivist group)

From Wikipedia, the free encyclopedia

Guacamaya (Spanish for 'macaw') is an international group of hackers that has published anonymous reports and leaked sensitive files in the public interest through Distributed Denial of Secrets and Enlace Hacktivista. It operates mainly in Central and Latin America and to date has hacked major corporations and the governments of Chile, Colombia, El Salvador, Guatemala, Mexico and Peru.[1][2][3]

Motivation[edit]

The group says they're motivated by anti-imperialism and environmentalism, and that they fight against transnational corporations and external intervention in Latin America, singling out extractivism and the armed forces and the defense of natural resources and native communities.[1][4][5][6]

The group said they wanted to expose companies and governments, "so that everyone knows their way of operating, their actions, their profits and the interest that is clearly to profit no matter the damage they cause." Guacamaya told Motherboard in an email. "These hacks are another form of struggle and resistance, they are the continuation of an ancestral legacy; taking care of life. We hope to cause more people to join, to leak, sabotage, and hack these sources of oppression and injustice, so that the truth be known and that it is the people who decide to end it."[1] They told Cyberscoop that they target "anything that represents oppressive states, multinational corporations and, in short, anything that supports this system of death."[3]

Hacks[edit]

Attacks on transnational companies[edit]

In 2022, the group said they were responsible for a series of cyberattacks aimed at large mining companies in Latin America, including the Colombian oil company New Granada Energy Corporation, the Brazilian mining company Tejucana, the Venezuelan oil company Oryx Resources, the Ecuadorian state-owned mining company ENAMI EP, and the Chilean boric acid producer Quiborax.[1]

2022 Guatemalan Nickel Company Hack[edit]

In March 2022, Guacamaya first became known by hacking the mining company Compañía Guatemalteca de Níquel (CGN), a subsidiary of Solway Investment Group. The leaked documents reveal payments to Guatemalan Police who persecuted and detained activists and journalists who opposed the "Fénix" mining project in El Estor, Guatemala.[7]

Operation Fuerzas Represivas[edit]

In mid-2022, the group announced Operation Fuerzas Represivas, a series of cyberattacks aimed at the armed forces of Chile, Colombia, Mexico, Peru, and El Salvador.[8][9]

Hacking of the Joint Chiefs of Staff of Chile in 2022[edit]

In 2022, the Chilean press reported on the hacking of the Chilean Joint Chiefs of Staff (EMCO), a massive leak of national security data. The leak was made up of emails sent and received between 2012 and May 2022 by EMCO, the agency in charge of intelligence, operations and logistics for national defence purposes.[8] General Guillermo Paiva Hernández, head of the country’s Joint Chiefs of Staff, resigned in response to the leak.[10]

Hacking of Mexico's National Defense Ministry (SEDENA) in 2022[edit]

On September 29, 2022, Mexican journalist Carlos Loret de Mola announced on his newscast that he had received six terabytes of hacked data from the Mexican Ministry of National Defense.[11] The leak, which contains internal communications and documents from the army's email servers from 2010 to 2022, is considered the largest in the history of Mexico.[12] Citing privacy concerns, the Guacamaya group categorized the data set as limited distribution. Journalists and organizations seeking access must provide credentials and agree to reproduce the records responsibly.

Known as the "SEDENA Leaks" or the "Guacamaya Leaks," the data set reveals the Mexican military's links to criminal organizations and the army's surveillance of opposition groups, politicians, journalists, and activists.[13][14][15] Among the revelations, the leaks demonstrate widespread sexual abuse within the army and the targeting of feminists groups as subversive organizations that pose a threat equal to cartels.[16][17] They also show the military's use of the Pegasus spyware and its deployment against journalists, human rights activists, and government officials.[18][19][20] The leak reveals new details of the army's role in the Ayotzinapa case where forty-three students were forcibly disappeared.[21][22][23] Information on the health of President Andrés Manuel López Obrador, army contracts for the construction of the Mayan train, and the military's development of a tourist business, including parks, a national airline, museums, and hotels are also included in the leaked data.[24][25]

The Mexican government's response to the hack has attempted to minimize and even deny the revelations. López Obrador, whose presidential campaign promised to end state surveillance of private citizens, continues to insist that his administration "does not spy."[26][27]

Hacking of the Joint Command of the Armed Forces of Peru in 2022[edit]

In October 2022, a report in La Encerrona revealed a massive leak of military intelligence data Joint Command of the Armed Forces of Peru (CCFFAA). The report gave special focus to the Southern Operational Command of the Army.[28] The leaks revealed the military was monitoring reporters, left-wing parties and figures, and that they labeled civil organizations as a threat because they "infiltrate and advise the population against mining." The Peruvian military threatened to bring treason charges against a journalist with the independent Peruvian news outlet La Encerrona for reporting on the leak.[3]

NarcoFiles[edit]

In November 2023, the Organized Crime and Corruption Reporting Project joined with more than 40 media partners including Cerosetenta / 070, Vorágine, the Centro Latinoamericano de Investigación Periodística (CLIP) and Distributed Denial of Secrets and journalists in 23 countries and territories for the largest investigative project on organized crime to originate in Latin America, producing the 'NarcoFiles' report. The investigation was based on more than seven million emails from the Colombian prosecutor’s office which had been hacked by Guacamaya, including correspondence with embassies and authorities around the world. The files dated from 2001-2022 and included audio clips, PDFs, spreadsheets, and calendars.[29][30] The investigation revealed new details about the global drug trade and over 44 tons of "controlled deliveries" carried out to infiltrate the drug trade[31][32] and how criminals corrupt politicians, bankers, accountants, lawyers, law enforcement agents, hackers, logistics experts, and journalists in order to use logistical, financial, and digital infrastructures.[33]

See also[edit]

References[edit]

  1. ^ a b c d "Meet the Environmental Hacktivists Trying to 'Sabotage' Mining Companies". www.vice.com. Archived from the original on 2022-11-08. Retrieved 2022-11-08.
  2. ^ "Mexican president confirms 'Guacamaya' hack targeting regional militaries". The Record by Recorded Future. 2022-09-30. Archived from the original on 2022-11-08. Retrieved 2022-11-08.
  3. ^ a b c "The politics and power of Latin American hacktivists Guacamaya". CyberScoop. 2023-01-19. Archived from the original on 2023-01-24. Retrieved 2023-01-25.
  4. ^ Laborde, Antonia (2022-09-24). "Una filtración de correos fuerza la salida del jefe del Estado Mayor de Chile". El País Chile (in Spanish). Archived from the original on 2022-10-12. Retrieved 2022-11-08.
  5. ^ "'Guacamaya', el grupo de hackers que ataca multinacionales y fuerzas armadas de América Latina" (in Spanish). Archived from the original on 2022-11-21. Retrieved 2022-11-08.
  6. ^ "Hacking collective behind the "Mining Secrets" leak : "The struggle of one territory must be the struggle of all" | Forbidden Stories". forbiddenstories.org. Archived from the original on 2022-11-04. Retrieved 2022-11-08.
  7. ^ "Filtración de documentos confirma cooptación del Estado guatemalteco por empresa minera | ElFaro.net". elfaro.net. Archived from the original on 2022-11-21. Retrieved 2022-11-08.
  8. ^ a b Laborde, Antonia (2022-09-24). "Una filtración de correos fuerza la salida del jefe del Estado Mayor de Chile". El País Chile (in Spanish). Archived from the original on 2022-10-12. Retrieved 2022-11-08.
  9. ^ Mostrador, El (2022-09-20). "Autoridades del Ministerio de Defensa serán citadas a comisión del Senado, tras filtración de 400 mil correos del Estado Mayor Conjunto de las FF.AA". El Mostrador (in Spanish). Archived from the original on 2022-10-20. Retrieved 2022-11-08.
  10. ^ "Chile's top general resigns over intel leak". MercoPress. Archived from the original on 2023-01-25. Retrieved 2023-01-25.
  11. ^ "Loret Capítulo 96". Latin US (in Mexican Spanish). 2022-09-30. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  12. ^ "La mayor filtración de la historia de México deja al descubierto los 'secretos' de AMLO". El Financiero (in Spanish). Archived from the original on 2022-10-14. Retrieved 2022-11-08.
  13. ^ Secrets, Distributed Denial of (2022-10-11). "Limited distribution: Secretaría de la Defensa Nacional México (6 TBs)". Distributed Email of Secrets. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  14. ^ "Massive Leak of Military Docs Reveals Mexico Armed Cartels, Surveilled Journalists & Zapatistas". Democracy Now!. Archived from the original on 2023-05-18. Retrieved 2023-06-06.
  15. ^ "Ken Salazar, con marcaje personal de la Sedena". El Universal (in Spanish). Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  16. ^ Reina, Georgina Zerega, Elena (2022-10-02). ""Tengo miedo de que me hagan daño": los correos del Ejército mexicano desvelan decenas de abusos sexuales en la institución". El País México (in Mexican Spanish). Archived from the original on 2022-11-08. Retrieved 2022-11-08.{{cite web}}: CS1 maint: multiple names: authors list (link)
  17. ^ "Correos Sedena: el Ejército vigila a colectivos feministas y los clasifica a la par de organizaciones subversivas". Latin US (in Mexican Spanish). 2022-10-02. Archived from the original on 2022-11-03. Retrieved 2022-11-08.
  18. ^ Kitroeff, Natalie; Bergman, Ronen (2023-03-07). "Spying by Mexico's Armed Forces Brings Fears of a 'Military State'". The New York Times. ISSN 0362-4331. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  19. ^ "#EjércitoEspía: los casos de Pegasus en el sexenio de López Obrador". Aristegui Noticias (in Spanish). Archived from the original on 2022-11-18. Retrieved 2022-11-08.
  20. ^ Kitroeff, Natalie; Bergman, Ronen (2023-05-22). "He Was Investigating Mexico's Military. Then the Spying Began". The New York Times. ISSN 0362-4331. Archived from the original on 2023-06-05. Retrieved 2023-06-06.
  21. ^ "Guacamaya Leaks and the Ayotzinapa Case | National Security Archive". nsarchive.gwu.edu. 2023-03-10. Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  22. ^ "#SedenaLeaks: La secreta "Operación Limpieza" del Ejército en el caso Ayotzinapa - MCCI". contralacorrupcion.mx (in European Spanish). Archived from the original on 2022-11-03. Retrieved 2022-11-08.
  23. ^ "Mexico's Missing: 100,000+ Cases Unsolved as Leaked Military Docs Shed New Light on Ayotzinapa 43". Democracy Now!. 2023-03-15. Archived from the original on 2023-06-17. Retrieved 2023-06-22.
  24. ^ "Hackers obtienen información de Sedena; revelan enfermedades de AMLO". ADNPolítico (in Spanish). 2022-09-30. Archived from the original on 2022-11-03. Retrieved 2022-11-08.
  25. ^ "Correos Sedena: el "business plan" del Ejército que busca administrar una mega agencia de turismo con parques, aerolínea, museos y hoteles". Latin US (in Mexican Spanish). 2022-10-03. Archived from the original on 2022-11-07. Retrieved 2022-11-08.
  26. ^ Camhaji, Elías (2022-10-05). "La Sedena rompe el silencio tras la filtración masiva de Guacamaya y niega las acusaciones de espionaje a periodistas". El País México (in Mexican Spanish). Archived from the original on 2023-06-06. Retrieved 2023-06-06.
  27. ^ AMLO niega que se espíe a periodistas y opositores, archived from the original on 2023-06-06, retrieved 2023-06-06
  28. ^ PERÚ, NOTICIAS EL COMERCIO (2022-10-06). "Elecciones 2022 | Hackean a Ejército peruano y revelan existencia de informes de seguimiento a postulantes de las Elecciones Regionales y Municipales, según reporte | VIDEO Guacamaya Leaks rmmn | POLITICA". El Comercio Perú (in Spanish). Archived from the original on 2022-11-27. Retrieved 2022-11-08.
  29. ^ OCCRP. "What Is 'NarcoFiles: The New Criminal Order'? Everything You Need To Know". OCCRP. Retrieved 2023-12-24.
  30. ^ Project, Organized Crime and Corruption Reporting. "NarcoFiles: The New Criminal Order". OCCRP. Retrieved 2023-12-24.
  31. ^ "The Highway to Europe: Inside a Global Drug Collaboration - OCCRP". The Highway to Europe: Inside a Global Drug Collaboration - OCCRP. Retrieved 2023-12-24.
  32. ^ Vélez (CLIP-OCCRP), Kevin G. Hall (OCCRP), Nathan Jaccard (OCCRP), Jacqueline Charles (Miami Herald), and Juanita. "Colombian Leak Gives Rare Glimpse Into Secretive World of 'Controlled' Drug Deliveries". OCCRP. Retrieved 2023-12-24.{{cite web}}: CS1 maint: multiple names: authors list (link)
  33. ^ Radu, Paul. "The Transnational Public Enemy". OCCRP. Retrieved 2023-12-24.