The infamous threat actor USDoD revealed by researchers

0
44
The infamous threat actor USDoD revealed by researchers
The infamous threat actor USDoD revealed by researchers

A man from Brazil is the notorious hacker USDoD, also known as EquationCorp, who is notorious for high-profile data thefts, according to a CrowdStrike investigation.

A CrowdStrike investigation revealed that the infamous hacker USDoD (also known as EquationCorp), who is infamous for high-profile data thefts, is a man from Brazil. The Brazilian website TecMundo broke the story first after receiving a CrowdStrike report from an unidentified source. Large volumes of data that were taken from significant companies, such as Airbus, the FBI’s InfraGard portal, the National Public Data, and TransUnion, have been made public by USDoD during the last few years.

According to a thorough analysis from CrowdStrike that TecMundo obtained from an unidentified source, Luan BG, a 33-year-old resident of Minas Gerais, Brazil, is most likely the group’s commander. The authorities have already received all of the information pertaining to the cybercriminal. It was possible to identify social media accounts, phone numbers, email addresses, registered domains, IP addresses, tax registrations, and cities among them. To prevent disclosing the attacker’s identity in full, TecMundo was not given access to more detailed information. According to CrowdStrike’s analysis, Luan BG, the head of USDoD, has been engaged in hacktivist activities since at least 2017. By 2022, nevertheless, the Brazilian national was engaging in increasingly sophisticated cybercrime.

Since Luan had poor operational security, a connection between his hacktivism and cybercrime was established (opsec). The man posted the same emails and words in forums and on social media. By following this email, which was connected to social media profiles, GitHub updates, domain registrations, and personal accounts, CrowdStrike was able to identify Luan. Early on, Luan’s lack of technological know-how made identification simpler and made it possible to gather images and emails connected to his different personas. “There are risks involved when someone’s identity is revealed in an intelligence report. Aspects of these people’s private lives, such as family members, intimate images, and other personal information, should be protected despite their involvement in harmful cyber activities, unless they are pertinent to the inquiry, according to CrowdStrike.

According to TecMundo, USDoD unintentionally disclosed his identity in a 2023 interview with DataBreaches.net, during which he stated that he was a thirty-something-year-old man who held both Portuguese and Brazilian citizenship and lived in Spain. Nevertheless, additional evidence of his identification as Luan BG came from his online activity, which included emails, posts on social media, and IP addresses that were tracked to Brazil. He made an effort to conceal his identity by claiming citizenship in the United States, but financial records and other digital traces found by CrowdStrike linked him to Brazil. Authorities have been informed of CrowdStrike’s findings, but they think the man will carry on with his cybercrime, probably downplaying or disputing the allegations.

Also readTop 3 Workforce Management Companies in India You Should Know

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.