Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Safety

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Safety


Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact info for 80,000 members. Extra just lately, USDoD was behind a breach on the client knowledge dealer Nationwide Public Knowledge that led to the leak of Social Safety numbers and different private info for a good portion of the U.S. inhabitants.

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach – Krebs on Safety

USDoD’s InfraGard gross sales thread on Breached.

The Brazilian information outlet TV Globo first reported the information of USDoD’s arrest, saying the Federal Police arrested a 33-year-old man from Belo Horizonte. In response to TV Globo, USDoD is needed domestically in reference to the theft of knowledge on Brazilian Federal Law enforcement officials.

USDoD was recognized to make use of the hacker handles “Equation Corp” and “NetSec,” and in line with the cyber intelligence platform Intel 471 NetSec posted a thread on the now-defunct cybercrime group RaidForums on Feb. 22, 2022, through which they supplied the e-mail handle and password for 659 members of the Brazilian Federal Police.

TV Globo didn’t title the person arrested, however the Portuguese tech information outlet Tecmundo revealed a report in August 2024 that named USDoD as 33-year-old Luan BG from Minas Gerais, Brazil. Techmundo mentioned it discovered the hacker’s actual id after being given a draft of an in depth, personal report produced by the safety agency CrowdStrike.

CrowdStrike didn’t reply to a request for remark. However every week after Techmundo’s piece, the tech information publication hackread.com revealed a narrative through which USDoD reportedly admitted that CrowdStrike was correct in figuring out him. Hackread mentioned USDoD shared an announcement, which was partially addressed to CrowdStrike:

A current assertion by USDoD, after he was efficiently doxed by CrowdStrike and different safety corporations. Picture: Hackread.com.

In August 2024, a cybercriminal started promoting Social Safety numbers and different private info stolen from Nationwide Public Knowledge, a personal knowledge dealer in Florida that collected and bought SSNs and phone knowledge for a major slice of the American inhabitants.

Extra reporting revealed Nationwide Public Knowledge had inadvertently revealed its personal passwords on the Web. The corporate is now the goal of a number of class-action lawsuits, and just lately declared chapter. In an interview with KrebsOnSecurity, USDoD acknowledged stealing the NPD knowledge earlier this yr, however claimed he was not concerned in leaking or promoting it.

In December 2022, KrebsOnSecurity broke the information that USDoD had social-engineered his means into the FBI’s InfraGard program, an FBI initiative designed to construct casual info sharing partnerships with vetted professionals within the non-public sector regarding cyber and bodily threats to important U.S. nationwide infrastructure.

USDoD utilized for InfraGard membership utilizing the id of the CEO of a serious U.S. monetary firm. Regardless that USDoD listed the true cell phone variety of the CEO, the FBI apparently by no means reached the CEO to validate his utility, as a result of the request was granted only a few weeks later. After that, USDoD mentioned he used a easy program to gather all the contact info shared by greater than 80,000 InfraGard members.

The FBI declined to touch upon stories about USDoD’s arrest.

In a prolonged September 2023 interview with databreaches.internet, USDoD informed the publication he was a person in his mid-30s who was born in South America and who holds twin citizenship in Brazil and Portugal. Towards the tip of that interview, USDoD mentioned they have been planning to launch a platform for buying navy intelligence from america.

Databreaches.internet informed KrebsOnSecurity USDoD has been an everyday correspondent since that 2023 interview, and that after being doxed USDoD made inquiries with an area lawyer to be taught if there have been any open investigations or costs in opposition to him.

“From what the lawyer came upon from the federal police, they’d no open instances or costs in opposition to him at the moment,” Databreaches.internet mentioned. “From his writing to me and the conversations we had, my sense is he had completely no thought he was in imminent hazard of being arrested.”

When KrebsOnSecurity final communicated with USDoD by way of Telegram on Aug. 15, 2024, they claimed they have been “planning to retire and transfer on from this,” referring to a number of media stories that blamed USDoD for leaking practically three billion client information from Nationwide Public Knowledge.

Lower than 4 days later, nevertheless, USDoD was again on his regular hang-out at BreachForums, posting customized exploit code he claimed to have written to assault just lately patched vulnerabilities in a preferred theme made for WordPress web sites.

Leave a Reply

Your email address will not be published. Required fields are marked *