Encrypted messages from an imprisoned hacker
Cybercriminal Héctor Ortiz sent several encrypted messages from prison to an accomplice. One of them (or part of it) I can present today. The solution is not known to me.
“True crime” literature and television shows have been booming for years. This development doesn’t stop at cryptography either, which I notice again and again in the number of hits on this blog. Articles about encrypted messages that have something to do with a criminal case are regularly among the most popular ones I publish here.
If you want to read up on the subject, you should check out the posts on the Zodiac Killer, the Debosnys cryptograms, Ricky McCormick’s encrypted notes, the Paul Rubin case, the YOGTZE case, or the Somerton man. There is, of course, much more.
Thanks to Google, I recently came across another criminal case in which encrypted messages play a role. Unfortunately, as so often in such cases, only part of the exciting truth is publicly known. The police are usually not very forthcoming when it comes to cryptological details.
The case in question centers on Mexican cybercriminal Héctor Ortiz (also known as “H1”), who scammed the equivalent of several million euros in his home country by hacking the SPEI payment system used between banks with his accomplices. In 2019, he was arrested and has been in prison ever since. Until then, he had lived a life of luxury with his illegally earned money, including expensive cars and motorcycles.
In Mexico, the SPEI hack triggered a lot of media coverage, as you can see from numerous Spanish-language news stories on the Internet. I also found a report about the case in English. Apart from this, the Héctor Ortiz story seems to have generated little interest outside Latin America so far.
It would certainly be interesting to know how Ortiz and his accomplices proceeded. However, the details are probably not public knowledge, and besides, another aspect is of greater interest to this blog: In prison, Ortiz composed encrypted messages.
Ortiz’s encryptions are mentioned in a (Spanish) article. The article mentions a whole series of plaintexts belonging to encrypted messages that Ortiz wanted to send from prison to an accomplice:
[sobre la] dirección general del Edo. Méx. héchenle muchas ganas por fa yo te daré instrucciones más precisas de alguno modo si no te escribo claves que tu y yo no entendamos o te las mando. No está autorizado lo que está escrito.
Les mandé un manual de 3 páginas con pepe, confirmar si se los entregó.
Por que piensan que America y Kasandra sacaron el pastel de la casa.
Me haz dicho que no confias en julio y julio me dijo que no confía en kasandra, y luego que sí y luego que no.
Por cierto ayúdame a juntar a la pandilla para saliendo hecharnos un fucho y de paso los pones en contacto con mi cuñada… les recomiendo que tomen distancia con Pachi ya que siento que no quiere ir al partido o de pronto y entra de oponente, solo eso se debe tomar en cuenta.
Now, of course, it would be very interesting to know what the associated ciphertexts are, how they were intercepted, and how they were deciphered. Unfortunately, the article says almost nothing about this. The only thing that could possibly shed light on this is the following figure:
The left part looks like a key. Accordingly, one would have to encode the letter A as C3, for example. As far as I can see, all other letters of the alphabet are listed as well. However, it is unclear why one should encrypt characters like >, * or #.
An encrypted message
On the right side of the note are two lines:
The top line could read QUEBA QUE DICE BLO? Underneath I read:
E2 H8 C10 C3 F7 G8 B9
Using the above table, one can decrypt this cryptogram as follows:
No idea what this is supposed to mean.
The article also shows two drawings that may belong to the encrypted messages. In the first drawing, I would be interested to know what is written at the top:
Can any reader say more about these ciphers? Is there any additional information about them anywhere? Can the above cryptogram be solved? Is the table next to it actually a key? I am eager to hear any pertinent information.