 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Other threat group: NetSec, USDoD| Names | NetSec (self given) ScarFace_TheOne (self given) USDoD (self given) | |
| Country |  Spain | |
| Motivation | Financial gain | |
| First seen | 2020 | |
| Description | (Cyble) During our Deepweb search in various forums, security researchers at the Lab identified a prolific TA going by the name NetSec aka ScarFace_TheOne aka Scarfac33 and targeting the U.S. infrastructure. Our research indicated that the TA has been active on the forum for over two years, taking part in various cyberattacks with diverse geographical and dynamic industry footprints. The TA’s malicious cyber activities have helped earn an aggressive reputation, besides resulting in the TA being widely endorsed and acclaimed by other notable malicious actors such as Pompompurin, Holistic-K1ller, and IPegFemBoys. | |
| Observed | Sectors: Defense. Countries: USA. | |
| Tools used | ||
| Operations performed | Dec 2022 | FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked <ttps://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/> |
| Sep 2023 | Airbus investigates data leak allegedly involving thousands of suppliers <https://therecord.media/airbus-data-leak-suppliers-breachedforums> | |
| Apr 2024 | Hackers leak 2.7 billion data records with Social Security numbers <https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/> | |
| Jul 2024 | Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List <https://www.crowdstrike.com/en-us/blog/hacktivist-usdod-claims-to-have-leaked-threat-actor-list/> | |
| Counter operations | Oct 2024 | Operation “Data Breach” USDoD hacker behind National Public Data breach arrested in Brazil <https://www.bleepingcomputer.com/news/security/usdod-hacker-behind-national-public-data-breach-arrested-in-brazil/> |
| Information | <https://cyble.com/blog/u-s-armed-forces-and-defense-industrial-base-under-cyber-attack/> <https://www.databreaches.net/im-not-pro-russia-and-im-not-a-terrorist-infragard-and-airbus-hacker-usdod-unveils-his-new-campaigns/> <https://socradar.io/unmasking-usdod-the-enigma-of-the-cyber-realm/> <https://hackread.com/usdod-hacker-ssn-leak-reveals-brazilian-citizen/> | |
Last change to this card: 24 October 2024
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |