Costa Rican Judicial Police Capture Alleged International Cyber-Criminal

Costa Rican Judicial Police Capture Alleged International Cyber-Criminal

By Dialogo
August 14, 2015

Costa Rica’s Judicial Investigation Body (OIJ) and U.S. law enforcement agents recently worked together to capture a college student suspected of participating in an international cyber-crime operation.

The suspect, who has only been identified as Rivera Sánchez, was arrested by OIJ agents in July in his home in the popular Barreal district of the central city of Heredia. He was one of 12 suspects captured throughout the world as part of the U.S. Federal Bureau of Investigation's (FBI) Operation Shrouded Horizon.

No trial date has been set for Rivera Sánchez, a student at the National University (UNA) who allegedly used an Internet server to spread malware to infect computers. He’s also suspected of managing a botnet – a network of computers that are connected and communicate with each other to complete repetitive tasks, such as sending spam. Rivera Sánchez and other hackers allegedly used these methods to steal and sell personal information from victims’ electronic devices.

“We were actually informed by an alert from the FBI ... regarding a person who was using an [Internet Protocol] address where he was uploading malicious programs – called malware – for virus dissemination,” OIJ Assistant Director Luis Angel Ávila told Diálogo

An IP address is a unique string of numbers separated by periods that identifies each computer or device using the Internet Protocol to communicate over a network.

OIJ agents seize computers

OIJ agents from the Electronic Crime Unit confiscated computers and other electronic equipment during the operation in which Rivera Sánchez was captured.

“During the raid, computing equipment was found, as well as varied information linked to this illegal activity he was involved in, which was affecting not only national users but also foreigners, with virus dissemination,” Ávila said. “When the search was carried out, computers, electronic equipment for (data) storage, and other evidence were found, which now have to be analyzed.

“In electronic matters it’s very important to have knowledge, in the sense that electronic proof is recovered and must be submitted to the due process in force in this country in order to open and analyze them,” Ávila added.

Investigators will seek the proper authorization from judicial authorities to analyze the electronic equipment.

A worldwide network

Rivera Sánchez was allegedly part of a worldwide hackers’ network and participated in a hacker's online forum known as Darkode, an “underground, password-protected, online forum” that served as “a meeting place for those interested in buying, selling, and trading malware, botnets, stolen personally identifiable information, credit card information, hacked server credentials, and other pieces of data and software that facilitated complex cyber crimes all over the globe,” according to the FBI.

The OIJ is continuing to investigate Rivera Sánchez, who allegedly was the organization’s lone member residing in Costa Rica, according to Ávila.

The FBI infiltrated Darkode, which it described as “a one-stop, high-volume shopping venue for some of the world’s most prolific cyber criminals,” by breaching the forum’s communication platform, enabling agents to collect evidence, and gather the assistance of law enforcement counterparts in other countries as part of Operation Shrouded Horizon.

The operation resulted in “charges, arrests, and searches involving 70 Darkode members and associates around the world; U.S. indictments against 12 individuals associated with the forum, including its administrator; the serving of several search warrants in the U.S.; and the (FBI's) seizure of Darkode’s domain and servers,” the U.S. Justice Department and the FBI said.

“And in addition to the FBI obtaining enough evidence for search warrants and indictments in the U.S., we shared information with our foreign partners to help them make their own cases against the Darkode perpetrators residing in their jurisdictions,” the FBI stated.

Cyber-crime in Costa Rica

Previously, the OIJ investigated cases of computer networks used for sexual exploitation and child pornography, among other criminal activities, according to Ávila.

“We’re pretty much making progress there, and cases have been increasing... with regard to sexual exploitation and child pornography,” Ávila said. “We’ve had both locals as well as foreigners involved in this type of activity who have come here to establish their operations and build a crime network.”

Costa Rican investigators also have broken up a handful of cyber-crimes for profit in recent years.

For example, in 2013, a Costa Rican court convicted two former employees of a telemarketing center of wire fraud and money laundering in connection with a scheme in which they stole $4 million from victims, many of whom were elderly U.S. residents who believed they were entering a sweepstakes contest. In 2014, a Costa Rican judge sentenced them to 25 and 12 years in prison, respectively.