Showing posts with label InfraGard.

Brazil's Federal Police Arrests ‘USDoD,’ Hacker in FBI Infragard Breach


Brazil's Polícia Federal arrested USDoD, an infamous hacker linked to the National Public Data and InfraGard breaches, as part of "Operation Data Breach". USDoD, also known as EquationCorp, has a long history of high-profile data breaches in which he stole data and often posted it on hacking forums while mocking the victims.

These breaches include those of the FBI's InfraGard, a threat intelligence sharing platform, and of National Public Data, which exposed the private data and Social Security numbers of hundreds of millions of US citizens online.

Things became worse for the threat actor when he targeted cybersecurity firm CrowdStrike and leaked the company's internal threat actor list. Soon after the IOC list was leaked, Brazilian publisher Techmundo received an anonymous CrowdStrike report that reportedly identified, or doxed, the threat actor, naming the perpetrator as a 33-year-old Brazilian called Luan BG.

Interestingly, USDoD confirmed in an interview with HackRead that CrowdStrike's information was accurate and stated that he was currently living in Brazil. "So congrats to Crowdstrike for doxing me, they are late for the party, intel421 Plus and a few other companies already doxed me even before the Infragard hack," USDoD told HackRead.

Brazil's Polícia Federal (PF) confirmed his arrest in Belo Horizonte/MG earlier this week, most likely drawing on this intelligence.

"The Federal Police launched Operation Data Breach on Wednesday (16/10), with the aim of investigating invasions of the systems of the Federal Police and other international institutions," according to a news release issued by the PF.

A search and seizure warrant and a preventive arrest warrant were served in the city of Belo Horizonte/MG against an investigated person suspected of being responsible for two publications selling Federal Police data, on May 22, 2020 and on February 22, 2022.

The prisoner boasted on websites that he had exposed sensitive data belonging to 80,000 members of InfraGard, a partnership between the Federal Bureau of Investigation (FBI) and private critical infrastructure companies in the United States of America. He claimed to be the mastermind of multiple cyber intrusions carried out in several countries.

Ironically, the arrest was carried out as part of a law enforcement action known as "Operation Data Breach," which the police said was named after the threat actor's known cyber attacks.

Attacker Uses InfraGard Devices to Access FBI by Posing as Firm

According to experts who spoke to independent cybersecurity writer Brian Krebs, who first reported the incident, the hacker gained access to InfraGard's online portal by pretending to be the CEO of a finance company. They described the vetting procedure as surprisingly loose.

Contact information for tens of thousands of public figures was advertised for sale on the dark web after hackers took advantage of a security flaw in one of the FBI's databases.

According to reports, a hacker who pretended to be the CEO of a financial institution claims to have gained access to the more than 80,000-member database of InfraGard, an FBI outreach program that shares sensitive information on cybersecurity and threats to national security with public officials and private sector actors who manage critical infrastructure in the United States.

Last weekend, a hacker claimed to have samples from the database and posted them to a web forum frequented by internet criminals. They claimed to be seeking $50,000 for the complete database.

The FBI made no attempt to explain how the hacker managed to trick the organization into granting the InfraGard membership. When submitting an application to join InfraGard in November, the hacker reportedly included a contact email address under their own control as well as the CEO's actual mobile phone number.

Through the InfraGard portal, the FBI can interact with corporate leaders, entrepreneurs, lawyers, security personnel, military and government officials, IT experts, academics, and state and local law enforcement. The InfraGard homepage states that the portal is primarily intended for information exchange and education regarding new threats.

KrebsOnSecurity has submitted the relevant details from its chat with the hacker so that the material can be taken down from the InfraGard forum. However, the hacker told Krebs that they had been contacting InfraGard members while posing as the CEO of the financial institution, in an effort to gather more private information that could be used in criminal activity.

Hacking of the US InfraGard Critical Infrastructure Intelligence Portal

A hacker breached one of the FBI's central databases. The breach appears to have been caused by a critical security lapse on the part of the bureau, resulting in the possible theft of sensitive information.

KrebsOnSecurity has reported that hackers have used InfraGard as a social media intelligence hub for high-profile people.

An essential aspect of the FBI's InfraGard program is that it links "critical infrastructure owners and operators with the FBI to provide education, information sharing, networking, and training regarding emerging threats and technologies." To put it simply, it is a database of people who are highly visible and who are concerned about security.

A database with contact information for over 80,000 InfraGard members was listed on the Breached cybercrime forum for $50,000. The listing offered access to the contact information of thousands of InfraGard members.

After USDoD completed the sign-up process, including email verification, he ran a Python script written by an associate to query the InfraGard API and retrieve all of the user data.
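The bulk pull described above is the behaviour a defender of a member directory would want to catch. As an added example (not code from the page, from USDoD, or from the FBI, and using a constructed log format, constructed account names and illustrative thresholds), the following Python flags a recently approved account that fetches an unusual number of distinct member profiles within a short window:

```python
# Added example: detect bulk enumeration of a member-directory API by a
# newly approved account. Log format, account names, approval dates and
# thresholds below are all constructed assumptions, not InfraGard's.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access log, one request per line:
# "<ISO timestamp> <account> <method> <path>"
SAMPLE_LOG = """\
2022-12-10T09:00:01 acct_new GET /api/members/1001
2022-12-10T09:00:02 acct_new GET /api/members/1002
2022-12-10T09:00:03 acct_new GET /api/members/1003
2022-12-10T09:00:04 acct_new GET /api/members/1004
2022-12-10T09:00:05 acct_new GET /api/members/1005
2022-12-10T09:00:06 acct_new GET /api/members/1006
2022-12-10T09:15:00 acct_old GET /api/members/2001
2022-12-10T09:16:00 acct_old GET /api/members/2002
"""

# Constructed membership approval dates for the accounts in the log.
APPROVED = {"acct_new": datetime(2022, 12, 9), "acct_old": datetime(2019, 3, 1)}


def parse_log(text):
    """Return (timestamp, account, member_id) for each profile fetch."""
    events = []
    for line in text.splitlines():
        ts, acct, _method, path = line.split()
        if path.startswith("/api/members/"):
            events.append((datetime.fromisoformat(ts), acct, path.rsplit("/", 1)[1]))
    return events


def flag_enumeration(events, approved, window=timedelta(minutes=10),
                     max_profiles=5, new_account_days=30):
    """Map account -> peak distinct profiles fetched inside any `window`,
    for accounts that exceed max_profiles while their membership is at most
    new_account_days old. An account missing from `approved` counts as new."""
    by_acct = defaultdict(list)
    for ts, acct, member in events:
        by_acct[acct].append((ts, member))
    flagged = {}
    for acct, rows in by_acct.items():
        rows.sort()
        age = rows[0][0] - approved.get(acct, rows[0][0])
        peak, j = 0, 0
        for i, (ts, _) in enumerate(rows):        # sliding window over fetches
            while rows[j][0] < ts - window:
                j += 1
            peak = max(peak, len({m for _, m in rows[j:i + 1]}))
        if peak > max_profiles and age <= timedelta(days=new_account_days):
            flagged[acct] = peak
    return flagged
```

A real deployment would pair this with an approval-time check that the listed contact details actually reach the person named on the application.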

One of the most concerning aspects of this data theft is that the FBI appears not to have conducted any security checks at all. The people whose identities were used to create the account have confirmed that the FBI never contacted them before the account was approved, even though their identities were being used for this purpose.

The FBI has also confirmed to Krebs that it is aware of a possible false account associated with the InfraGard system, and stated that it is currently unable to provide any additional information regarding the situation.

USDoD acknowledged that the $50,000 price tag placed on the database was too high, and said it was set that way to leave room for negotiation if someone showed interest in purchasing it. As long as the InfraGard account remains active, there is nothing to stop hackers from contacting these high-profile figures at any time during the investigation.