Threat Group Cards: A Threat Actor Encyclopedia

Names	NetSec (self given) ScarFace_TheOne (self given) USDoD (self given)
Country	Spain
Motivation	Financial gain
First seen	2020
Description	(Cyble) During our Deepweb search in various forums, security researchers at the Lab identified a prolific TA going by the name NetSec aka ScarFace_TheOne aka Scarfac33 and targeting the U.S. infrastructure. Our research indicated that the TA has been active on the forum for over two years, taking part in various cyberattacks with diverse geographical and dynamic industry footprints. The TA’s malicious cyber activities have helped earn an aggressive reputation, besides resulting in the TA being widely endorsed and acclaimed by other notable malicious actors such as Pompompurin, Holistic-K1ller, and IPegFemBoys.
Observed	Sectors: Defense. Countries: USA.
Tools used
Operations performed	Sep 2023	Airbus investigates data leak allegedly involving thousands of suppliers <https://therecord.media/airbus-data-leak-suppliers-breachedforums>
Information	<https://cyble.com/blog/u-s-armed-forces-and-defense-industrial-base-under-cyber-attack/> <https://www.databreaches.net/im-not-pro-russia-and-im-not-a-terrorist-infragard-and-airbus-hacker-usdod-unveils-his-new-campaigns/>

Last change to this card: 12 October 2023

Download this actor card in PDF or JSON format