hinoshiba / news


[DataBreaches] “I’m Not Pro-Russia and I’m Not a Terrorist!” —- InfraGard and Airbus Hacker “USDoD” Unveils His New Campaigns #3582

Closed hinoshiba closed 1 year ago

hinoshiba commented 1 year ago

The first time DataBreaches remembers hearing about the man who calls himself “USDoD” was when he posted a sales listing for member data from InfraGard. He had not only managed to acquire data on 80,000 members of an organization dedicated to protecting critical infrastructure, but his revelation of his method exposed some embarrassingly inept security on InfraGard’s part. But that incident and his newest leak involving 3,200 vendors of Airbus aren’t the only reasons to pay attention to him.

In a somewhat rambling interview with DataBreaches, conducted over several days online, USDoD reveals some of his current operations and future plans with respect to US defense agencies and firms.

This post is divided into two major sections. The first provides some background on USDoD as he describes himself. The second part reveals some of his current operations and developing projects.

Because USDoD is not a native English speaker and requested that typos and errors be corrected, there are numerous instances where typos or confusing phrasing have been edited for clarity. At other points, his writing has been left as in the original. Those parts reflect his usual writing style.

Part 1. Background

Who is USDoD?

USDoD is a man in his mid-30’s. He describes himself as single but as being in a serious relationship with his girlfriend, who is a doctor. When asked if she knows what he does, he said that she does know.

USDoD tells DataBreaches that he was born in South America but moved to Portugal. He holds dual citizenship in Brazil and Portugal, but currently lives in Spain.

USDoD speaks three languages: Portuguese, English, and German. “English is not my main one,” he told DataBreaches, who had pretty much already figured that out quickly. When asked whether he speaks Russian, he responded that he is first starting to learn it this year.

When Did He Start Hacking?

USDoD states that he first got started in 1999 after joining a Brazilian gaming community. He was 11 at the time, and says he was able to use social skills to help take down a pedophile. He also states that a moderator of that community, who was also a developer for r3x software, took him under his wing and encouraged him and helped him develop skills.

He says he was also greatly impressed by Kevin Mitnick. “Sadly, I never met him, but damn, this guy is a legend in my generation. His social engineering skills inspired me a lot to become what I am now.”

USDoD’s preferred learning style is to attack real, but small and unknown, companies. “I learn in real scenarios. Got my hands really dirty to get experience. I wasn’t learning in local labs and stuff like that. I don’t like that,” he told DataBreaches.

Early Campaigns Against the Military and Defense Contractors: 2021-2022

USDoD was known as “NetSec” on RaidForums. “As ‘NetSec’, I breached a number of entities, but my most notorious one was my own operations against the U.S. Army and defense contractors in my #RaidAgainstTheUS campaign,” he told DataBreaches.

In February 2022, Cyble Research Lab wrote a report on NetSec, describing him as a pro-Russian threat actor. The report provided a timeline of his activities:

The incidents included a US Defense Technical Information Center database, a US Army Special Operations Center of Excellence database, a US Strategic Command database, a US Central Command database, a U.S. Special Operations Command database, and a Lockheed Martin database. All of those releases were within a two-day period in February 2022. The report also included screenshots of how USDoD listed and explained the attacks.

“I’m Not Pro-Russia”

Because a number of NetSec’s posts referred to Russians or collaborating with a Russian or Russians, it was understandable that Cyble and others might view him as pro-Russia, but USDoD takes strong exception to that. He tells DataBreaches that what others seem to assume was a political alliance of some kind was not political at all. He got involved because of a private request from a friend to whom he felt indebted. In other cases, he may have collaborated with Russian individuals or sold data to Russian individuals, but not due to any political views on his part.

Perhaps it was partly an English problem, but USDoD really didn’t seem to have insight into how his words were creating an impression that he was pro-Russia. And to show me that such claims were not true, he started telling DataBreaches about U.S. clients and what some of the February 2022 posts were really about.

As a specific case in point, the “Russian” referred to in February 2022 posts that Cyble reported was an independent security researcher he is close to. The researcher had shown him an AI platform he was developing called “Tulip” and asked him to collect any military data that may or may not help him in that project. Believing that there was no intention to harm U.S. critical infrastructure, USDoD agreed to help. He still believes the project was and is an innocent one.

“Since that time and my work on it, there has never been any evidence publicly or in private that there was any harm done by what I did or any leak of intel. This was never political,” he said. “Maybe I messed up my writing when I wrote I was selling to “the Russians” as if there was something political about it. No. I just got info for them for what an AI project that is not targeting the U.S.”

In addition to telling DataBreaches that he also has U.S. clients, USDoD noted that shortly after the Cyble report appeared in 2022, he was contacted by someone very close to the Iranian government who tried to buy the intel he had described in his posts, “but I declined to sell it to him. I won’t attack certain countries but I also won’t do business with their governments or political people or military. I don’t do political business with anyone at all. Same rules apply to […]

https://www.databreaches.net/im-not-pro-russia-and-im-not-a-terrorist-infragard-and-airbus-hacker-usdod-unveils-his-new-campaigns/

hinoshiba commented 1 year ago

This issue is stale because it has been open 1 day with no activity. Remove stale label or comment or this will be closed in 1 day.

hinoshiba commented 1 year ago

This issue was closed because it has been stale with no activity.