NetSec, USDoD
Description
(Cyble) During our Deepweb search in various forums, security researchers at the Lab identified a prolific TA going by the name NetSec aka ScarFace_TheOne aka Scarfac33 and targeting the U.S. infrastructure. Our research indicated that the TA has been active on the forum for over two years, taking part in various cyberattacks with diverse geographical and dynamic industry footprints. The TA’s malicious cyber activities have helped earn an aggressive reputation, besides resulting in the TA being widely endorsed and acclaimed by other notable malicious actors such as Pompompurin, Holistic-K1ller, and IPegFemBoys.
Names
| Name | Name-Giver |
|---|---|
| NetSec | self given |
| ScarFace_TheOne | self given |
| USDoD | self given |
Country
Motivation
- Financial gain
First Seen
2020
Observed Sectors
Observed Countries
Operations
- 2022-12: FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/
- 2023-09: Airbus investigates data leak allegedly involving thousands of suppliers https://therecord.media/airbus-data-leak-suppliers-breachedforums
- 2024-04: Hackers leak 2.7 billion data records with Social Security numbers https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/
- 2024-07: Hacktivist Entity USDoD Claims to Have Leaked CrowdStrike’s Threat Actor List https://www.crowdstrike.com/en-us/blog/hacktivist-usdod-claims-to-have-leaked-threat-actor-list/
Counter Operations
- 2024-10: Operation “Data Breach” USDoD hacker behind National Public Data breach arrested in Brazil https://www.bleepingcomputer.com/news/security/usdod-hacker-behind-national-public-data-breach-arrested-in-brazil/
Information
- https://cyble.com/blog/u-s-armed-forces-and-defense-industrial-base-under-cyber-attack/
- https://www.databreaches.net/im-not-pro-russia-and-im-not-a-terrorist-infragard-and-airbus-hacker-usdod-unveils-his-new-campaigns/
- https://socradar.io/unmasking-usdod-the-enigma-of-the-cyber-realm/
- https://hackread.com/usdod-hacker-ssn-leak-reveals-brazilian-citizen/
Other Information
Uuid
d82e1bf8-26e5-4c2e-bce0-eff36f55c532
Last Card Change
2025-06-30