Argentinian security researcher arrested after tweeting about government hack

Researcher claims "political persecution," all while police are looking for a hacker who doxed thousands of officers.
Written by Catalin Cimpanu, Contributor
Image: Javier Smaldone

Argentinian police briefly detained and raided the home of a well-known security researcher last week on suspicion of hacking and leaking data from government systems.

Following his release, Javier Smaldone, the security researcher, obtained and published court documents pertaining to his arrest on Twitter.

The documents showed that authorities arrested and raided the security expert just for tweeting about a recent government hack, with no tangible evidence that he was involved.

Smaldone claimed the entire affair was a witch-hunt, describing his arrest and raid as "political persecution."

The researcher is a well-known cyber-security activist, previously testified in front of the Argentinian Senate against the use of electronic voting machines, and regularly publishes blog posts criticizing the government's plans to use such devices.

Smaldone believes this is the government's revenge for past criticism. The researcher told local news outlet Perfil that he was the third security researcher who had his home raided after reporting vulnerabilities in an electronic voting system that the Argentinian government is currently testing for a planned rollout in future elections.

La Gorra Leaks 2.0

But according to Argentinian news site Clarin, Smaldone is just one of many suspects who had their homes raided last week, on October 8, with similar house searches taking place in the cities of Córdoba, Santa Fe, La Plata, and in the country's capital of Buenos Aires.

Argentinian authorities are looking for a hacker going by the name of La Gorra Leaks 2.0.

On August 12, this year, the hacker published 5 GB of data, containing over 200,000 PDF files, on the dark web, Telegram, and Twitter.

The files contained names, surnames, ID numbers, home addresses, telephone numbers, and banking information for Argentinian Federal Police officers.

At the same time, the hacker also hacked the Twitter account for the Argentine Naval Prefecture (PNA) and tweeted that three Argentinian ships had been hit by missiles fired by British forces [1, 2, 3, 4].

According to the court documents, Smaldone was one of the first to tweet about the incidents, and authorities seem to believe he is somehow involved.

La Gorra Leaks 1.0

This new hacker's name is a reference to the original La Gorra Leaks, a hacker who back in 2017 breached the Twitter accounts of Patricia Bullrich, Minister of Security of Argentina, and tweeted images and files from Minister of Security email inboxes. The same hacker also took over the Twitter account for Argentina's Airport Security Police.

Smaldone was one of the many cyber-security experts who tweeted about the leak and even published an article breaking down the hack on his site.

Two suspects were eventually arrested for the hacks.

Smaldone's arrest just for tweeting about sensitive issues online isn't the first of its kind in Argentina. Under Minister Bullrich, Argentinian police have cracked down on people tweeting about sensitive issues online.

Smaldone was released on the same day of his arrest.

Europol’s top hacking ring takedowns

Editorial standards