Mexican man pleads guilty to brokering sale of surveillance devices, WhatsApp hacking tools

A Mexican businessman pleaded guilty this week to operating a company that brokered the sale of spyware and advanced surveillance tools to entities in Mexico and the US.

Through a consortium of US and Mexican companies, Carlos Guerrero sold phone interception, geolocation tracking, signal jammers, WiFi interception tools, IMSI catchers, WhatsApp hacking tools, and hacking services from companies in Italy and Israel.

How Guerrero grew his business

According to court documents, Guerrero's activity dates back to at least August 2014. At the time, Guerrero and his business partner Daniel Moreno entered into a partnership to broker the sale of an Italian company's hacking products to Mexican officials via their local company—Elite by Carga.

"After entering this agreement, Defendant and Moreno, through Elite by Carga, earned commissions brokering the sale of Company A's interception devices to the Mexican state governments of Baja and Durango. To facilitate the sales, Defendant repeatedly arranged for Elite by Carga employees to transport Company A representatives and devices between San Diego and Mexico."

Carlos Guerrero guilty plea

These services included geolocation and cell phone interception capabilities, which Guerrero's company re-sold at prices of around $25,000, according to marketing materials.

US officials said that Guerrero knew that some of the products would be used for political purposes and not just for law enforcement purposes.

"Defendant knew this, in part, because Defendant arranged for the Mayor of a town in the Mexican state of Morelos to gain unauthorized access to the U.S.-based Twitter, Hotmail, and iCloud accounts of a political rival."

Carlos Guerrero guilty plea

US officials also said that Guerrero made the mistake of "getting high on his own supply" and used some of the hacking tools himself, in December 2015, when he intercepted the phone calls of a business competitor.

These initial sales helped and also encouraged Guerrero and his partner to expand their business and DOJ investigators said that Elite by Carga expanded its business throughout 2016 and 2017 when they entered partnerships with other spyware vendors.

During that period, officials said that Elite by Carga also began re-selling signal jammers, WiFi interception tools, IMSI catchers, and the ability to hack WhatsApp messages, capabilities he obtained through partnerships with companies from Italy, Israel, and other unspecified countries.

Officials said that these new capabilities led to a new series of hacks orchestrated and brokered by Guerrero's company.

"For example, in February 2017, one or more Elite by Carga employees agreed to hack the phone and email account of a Florida-based sales representative of a large Mexican business in exchange for an approximately $25,000 payment from the Mexican business."

Carlos Guerrero guilty plea

Guerrero pleads guilty right away

US authorities questioned Guerrero this month, and the defendant waived his right to an indictment and pleaded guilty right away.

He faces up to five years in prison, a fine of up to $250,000, and up to three years of supervised release on a charge of conspiracy to sell and use hacking tools

"With this guilty plea, we are sending a clear message that companies and individuals who unlawfully violate privacy rights will not be tolerated and they will be held accountable," said Chad Plantz, Special Agent in Charge for HSI San Diego.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Catalin Cimpanu

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.