Cyber Threat Actor: Alex Mosquera
| Actor Type | Location | Known Incidents |
Insider - Disgruntled
|
United States of America
|
1 incident |
|---|
Profile
Alex Mosquera, also known by the alias Alex Mosquera, is a threat actor identified as a teenager residing in the United States of America. He came to public attention in May 2015 when he, along with two classmates, was accused of installing a hardware keylogging device on a computer at Commack High School in Long Island, New York. The device captured keystrokes, allowing the actors to obtain usernames and passwords for the school’s network. Using those credentials, they accessed the school’s data management system, altered their own academic grades and the grades of a peer, and modified the class schedules of hundreds of students. The intrusion also exposed student identification numbers, names, addresses, and contact information, though no Social Security numbers were compromised. School officials detected the unauthorized changes, restored the original data, and prevented further access after the breach was contained.
The actor’s targeting was confined to the educational sector, specifically a suburban high school in the northeastern United States. The observed actions indicate a focus on manipulating academic records and scheduling data rather than financial theft, espionage, or broader disruption. The primary technique involved physical access to a school computer after hours to attach a keylogger, which served as the initial access vector for credential harvesting. No malware families or custom software were referenced in the reporting; the tooling style relied exclusively on a hardware keylogging device to capture authentication information. Once credentials were obtained, the actors used legitimate login procedures to navigate the school’s internal systems and make unauthorized modifications to grade and schedule databases.
Attribution to Alex Mosquera is based on his identification as one of the three students charged in the incident; he faced charges of computer trespass alongside his accomplices, who were charged with burglary and computer tampering. No connections to state actors, criminal syndicates, or larger hacking groups were disclosed in the available sources. The 2015 Commack High School breach remains the sole publicly reported operation linked to this actor, representing a limited‑scope incident that resulted in legal proceedings and the eventual correction of the altered data by the school district. The case illustrates how insider‑threat tactics involving simple hardware tools can be used to compromise institutional networks and alter sensitive records.
