Brazil's Polícia Federal arrested USDoD, an infamous hacker linked to the National Public Data and InfraGard breaches, as part of "Operation Data Breach". USDoD, also known as EquationCorp, has a long history of high-profile data breaches in which he stole data and often posted it on hacking forums, mocking the victims.
These include the breaches of the FBI's InfraGard, a threat intelligence sharing platform, and of National Public Data, which exposed the private data and social security numbers of hundreds of millions of US citizens online.
Things became worse for the threat actor when he targeted cybersecurity firm CrowdStrike and revealed the company's internal threat actor list. Soon after he leaked the IOC list, Brazilian publisher Techmundo received an anonymous CrowdStrike report that reportedly identified, or doxed, the threat actor as a 33-year-old Brazilian called Luan BG.
Interestingly, USDoD confirmed in an interview with HackRead that CrowdStrike's information was accurate and stated that he was currently living in Brazil. "So congrats to Crowdstrike for doxing me, they are late for the party, intel421 Plus and a few other companies already doxed me even before the Infragard hack," USDoD told HackRead.
Brazil's Polícia Federal (PF) confirmed his arrest in Belo Horizonte/MG earlier this week, most likely made with the help of this intelligence.
"The Federal Police launched Operation Data Breach on Wednesday (16/10), with the aim of investigating invasions of the systems of the Federal Police and other international institutions," according to a news release issued by the PF.
A search and seizure warrant and a preventive arrest warrant were served in the city of Belo Horizonte/MG against an investigated person suspected of being responsible for two publications selling Federal Police data, on May 22, 2020 and on February 22, 2022.
The prisoner boasted on websites that he had exposed sensitive data belonging to 80,000 members of InfraGard, a partnership between the Federal Bureau of Investigation (FBI) and private critical infrastructure companies in the United States of America. He claimed to be the mastermind of multiple cyber invasions that were carried out in multiple nations.
Ironically, the arrest was carried out as part of a law enforcement action known as "Operation Data Breach," which the police said was named after the threat actor's known cyber attacks.