Brazilian federal law enforcement authorities have apprehended a cybercriminal linked to a series of daring and high-profile cyberattacks. The individual arrested, suspected of being behind various intrusions into Brazilian federal systems as well as international organizations, was captured in Belo Horizonte/MG as part of “Operation Data Breach,” launched by Brazil’s Department of Federal Police (DFP).

The DFP disclosed that the suspect was apprehended for allegedly publishing and selling sensitive Federal Police data on two occasions, in May 2020 and February 2022. Furthermore, the hacker claimed responsibility for infiltrating InfraGard, a collaborative effort between the FBI and private critical infrastructure entities in the United States, and disclosing sensitive data of about 80,000 individuals. Although the DFP did not reveal the suspect’s identity, the hacker known as USDoD has previously boasted about breaching the FBI’s InfraGard platform.

The arrested individual, known to cybersecurity analysts as USDoD, has been associated with cyber intrusions targeting prominent entities such as Airbus, the U.S. Environmental Protection Agency, and other organizations. However, some of these alleged breaches could not be independently verified. In a separate incident, USDoD caused concern by posting a database on the dark web marketplace Breached, featuring approximately 899 million unique Social Security numbers.

National Public Data, a background check giant, filed for bankruptcy explicitly attributing the cyberattacks to USDoD, who has purportedly breached several institutions, including the FBI, Airbus, and TransUnion. The DFP confirmed that the detained individual played a role in leaking significant databases of personal information, including those belonging to Airbus and the U.S. Environmental Protection Agency. The suspect faces charges for hacking computer systems to obtain and commercialize data.

In a surprising turn of events, USDoD voluntarily disclosed his real identity in an interview with a news outlet, revealing himself to be a 33-year-old man named Luan G. from Minas Gerais, Brazil. Seeking to take responsibility for his actions, Luan admitted to cybersecurity firms, including Crowdstrike and Intel471, identifying him. Local reports indicated that Crowdstrike shared its findings with Brazilian authorities after tracing USDoD’s identity back to Luan.

The arrest of the hacker is part of Brazil’s ongoing efforts to crackdown on cybercrime within its borders. Earlier this year, Brazilian law enforcement intervened in the activities of a criminal group responsible for the Grandoreiro banking malware, which had siphoned off millions of euros since 2019. Additionally, they conducted multiple search and seizure operations targeting the Lapsus$ Group, implicated in various cyberattacks.

Overall, the apprehension of the hacker represents a significant victory for Brazilian authorities in their fight against cybercriminal activities. By unmasking and arresting individuals responsible for cyber intrusions, law enforcement agencies aim to safeguard national security and protect vital systems from malicious attacks.

The continuous vigilance and proactive measures undertaken by Brazilian authorities demonstrate their commitment to combatting cyber threats and ensuring a secure digital environment for businesses and individuals across the country.

Source link