Spanish authorities have arrested a suspected hacker accused of carrying out more than 40 cyberattacks targeting the U.S. military, NATO, and multiple Spanish government institutions, according to a statement from Spain’s National Police on Wednesday. 

According to authorities, the suspect was arrested Tuesday in the coastal city of Calp. The police did not disclose his identity or age but multiple Spanish news outlets reported that he is 18 years old.

Seized from the suspect’s residence are multiple pieces of computer equipment, an iPhone and over 50 cryptocurrency accounts containing various digital assets.

Authorities noted that the hacker targeted high-profile organizations, including NATO, the U.S. Army, the United Nations, and the International Civil Aviation Organization, by accessing databases containing personal information of employees and clients, along with internal documents that were later sold or publicly shared in forums.

The suspect, who operated under the alias “Natohub” on cybercriminal forums, reportedly utilized anonymous messaging apps and specialized navigation tools to establish a complex technical network, making it difficult for investigators to track him.

According to authorities, the hacker’s attack in December 2024 on the databases of Spain’s Civil Guard and Ministry of Defense led law enforcement to trace his activities, ultimately resulting in his arrest.

The suspect faces multiple charges, including unauthorized access to computer systems, disclosure of confidential information, cyber damage, and money laundering. According to reports, after appearing in court, the suspect was released under judicial supervision, with his passport confiscated to prevent international travel. 

Meanwhile, authorities are still analyzing the seized computer data to assess the full extent of the breaches and identify any additional compromised entities.