Spanish Police Arrest Suspected Logistical Aid for Pro-Russian Hacktivists
Spanish authorities have apprehended an individual accused of providing crucial logistical support to prominent pro-Russian hacktivist groups, including **CyberArmy of Russia Reborn (CARR)** and **NoName057(16)**. The arrest, made in Palencia, also involved freezing cryptocurrency assets believed to be linked to illicit activities, signaling intensified international efforts against state-aligned cyber threats.
# Spanish Police Arrest Suspected Logistical Aid for Pro-Russian Hacktivists
Spanish law enforcement has arrested a man suspected of actively supporting several high-profile pro-Russian hacktivist groups. The individual, whose identity remains undisclosed, was apprehended in March in the northern city of Palencia following an investigation that linked him to groups such as **CyberArmy of Russia Reborn (CARR)**, **Z-Pentest**, and **NoName057(16)**.
## Allegations of Logistical Support and Coordination
In a statement, Spanish police alleged that the suspect provided logistical assistance to a Ukrainian hacker associated with **CARR**, facilitating their escape to Russia via Poland and Belarus. Furthermore, authorities accuse the individual of communicating with members of these Russian hacktivist groups through encrypted messaging applications, coordinating activities, and supporting operations attributed to **NoName057(16)**.
**NoName057(16)** is widely recognized for its disruptive distributed denial-of-service (DDoS) attacks targeting governments and organizations that support Ukraine.
## Seizure of Digital Assets
During a search of the suspect's residence, officers seized computers and cryptocurrency storage devices. They also froze a cryptocurrency wallet that investigators believe held proceeds from the sale of information obtained through criminal activities.
The suspect is currently under investigation for alleged membership in and collaboration with a terrorist organization, glorification of terrorism, and computer-related damages. Formal charges have not yet been announced.
## Group Denials and International Crackdowns
In response to the arrest, a representative claiming to be from **Z-Pentest** told Russian technology outlet SecPost that the group was unaware of the detained individual and suggested a potential police error. The representative indicated that the group had initiated efforts to gather more information about the suspect through its contacts in Europe and Spain.
This arrest is the latest in a series of international law enforcement actions targeting individuals allegedly linked to Russian government-aligned hacktivist groups. In 2024, the U.S. sanctioned two alleged members of **CARR**, including its purported leader, for targeting U.S. critical infrastructure. The group has claimed attacks on industrial control systems across various sectors, though many operations involve less sophisticated DDoS attacks.
European authorities have also increased pressure on **NoName057(16)**. Last year, an international operation disrupted a significant portion of the group's infrastructure, targeting over 100 servers and issuing seven international arrest warrants. Despite these efforts, the group continues to claim cyberattacks against countries supporting Ukraine.
Security researchers have consistently highlighted the close operational ties between many Russian hacktivist groups and the Kremlin, often exceeding their public acknowledgments. Earlier this year, **Mandiant** reported that **CARR** maintains a close operational relationship with **Sandworm**, the notorious hacking unit linked to Russia's military intelligence.