Go Back   Carder.life > [en] International Forum > Carding News
Reload this Page Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach

CARDER.MARKET - CARDING FORUM FOR PROFESSIONAL CARDERS


 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 05-19-2025, 07:33 AM
Artifact's Avatar

Artifact Artifact is offline
Administrator
Join Date: Jan 2024
Posts: 0
Default

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the consumer data broker National Public Data that led to the leak of Social Security numbers and other personal information for a significant portion of the U.S. population.

USDoD’s InfraGard sales thread on Breached.
The Brazilian news outlet TV Globo https://g1.globo.com/politica/notici...oliciais.ghtml the news of USDoD’s arrest, saying the Federal Police arrested a 33-year-old man from https://en.wikipedia.org/wiki/Belo_Horizonte. According to TV Globo, USDoD is wanted domestically in connection with the theft of data on Brazilian Federal Police officers.
USDoD was known to use the hacker handles “Equation Corp” and “NetSec,” and according to the cyber intelligence platform Intel 471 NetSec posted a thread on the https://krebsonsecurity.com/2022/04/...dmin-arrested/ RaidForums on Feb. 22, 2022, in which they offered the email address and password for 659 members of the Brazilian Federal Police.
TV Globo didn’t name the man arrested, but the Portuguese tech news outlet Tecmundo published https://www.tecmundo.com.br/seguranc...brasileiro.htmin August 2024 that named USDoD as 33-year-old Luan BG from Minas Gerais, Brazil. Techmundo said it learned the hacker’s real identity after being given a draft of a detailed, non-public report produced by the security firm CrowdStrike.
CrowdStrike did not respond to a request for comment. But a week after Techmundo’s piece, the tech news publication hackread.comhttps://hackread.com/usdod-hacker-ss...ilian-citizen/ in which USDoD reportedly admitted that CrowdStrike was accurate in identifying him. Hackread said USDoD shared a statement, which was partially addressed to CrowdStrike:

A recent statement by USDoD, after he was successfully doxed by CrowdStrike and other security firms. Image: Hackread.com.
In August 2024, a cybercriminal began https://krebsonsecurity.com/2024/08/...-nations-data/ stolen from National Public Data, a private data broker in Florida that collected and sold SSNs and contact data for a significant slice of the American population.
Additional reporting revealed National Public Data had https://krebsonsecurity.com/2024/08/...own-passwords/ on the Internet. The company is now the target of multiple class-action lawsuits, and https://techcrunch.com/2024/10/14/na...or-bankruptcy/. In an interview with KrebsOnSecurity, USDoD acknowledged stealing the NPD data earlier this year, but claimed he was not involved in leaking or selling it.
In December 2022, KrebsOnSecurity broke the news that USDoD had https://krebsonsecurity.com/2022/12/...ragard-hacked/, an FBI initiative designed to build informal information sharing partnerships with vetted professionals in the private sector concerning cyber and physical threats to critical U.S. national infrastructure.
USDoD applied for InfraGard membership using the identity of the CEO of a major U.S. financial company. Even though USDoD listed the real mobile phone number of the CEO, the FBI apparently never reached the CEO to validate his application, because the request was granted just a few weeks later. After that, USDoD said he used a simple program to collect all of the contact information shared by more than 80,000 InfraGard members.
The FBI declined to comment on reports about USDoD’s arrest.
In a lengthy https://databreaches.net/?p=107720 with databreaches.net, USDoD told the publication he was a man in his mid-30s who was born in South America and who holds dual citizenship in Brazil and Portugal. Toward the end of that interview, USDoD said they were planning to launch a platform for acquiring military intelligence from the United States.
Databreaches.net told KrebsOnSecurity USDoD has been a regular correspondent since that 2023 interview, and that after being doxed USDoD made inquiries with a local attorney to learn if there were any open investigations or charges against him.
“From what the lawyer found out from the federal police, they had no open cases or charges against him at that time,” Databreaches.net said. “From his writing to me and the conversations we had, my sense is he had absolutely no idea he was in imminent danger of being arrested.”
When KrebsOnSecurity last communicated with USDoD via Telegram on Aug. 15, 2024, they claimed they were “planning to retire and move on from this,” referring to multiple media reports that blamed USDoD for leaking nearly three billion consumer records from National Public Data.
Less than four days later, however, USDoD was back on his normal haunt at BreachForums, posting custom exploit code he claimed to have written to attack recently patched https://nvd.nist.gov/vuln/detail/CVE-2024-3807in a popular theme made for WordPress websites.
https://krebsonsecurity.com/2024/10/...ch/#more-69246
 

Tags
NULL

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump




All times are GMT. The time now is 07:12 AM.

Contact Us - Carder.life - Archive - Top