In a recent cyber incident, a hacker associated with high-profile breaches including those at the FBI and Airbus allegedly leaked approximately 24GB of data allegedly linked to defense contractor Thales.
The alleged Thales data breach, which surfaced on the dark web, suggests that the notorious USDoD hacker is involved in the incident, as indicated by a post shared on a dark web forum.
The saga unfolded with an announcement on the dark web, where the USDoD claimed to have leaked approximately 24 GB of data allegedly belonging to Thales.
Alleged Thales data breach on Dark Web forum
In the aftermath of the incident, cybersecurity experts rushed to assess the extent of the damage and verify the veracity of the leaked data. Hudson Rock provided an overview of the operating mode of the hacker, suggesting a link between the Thales data leak and previous cyberattacks against Airbus.
According to the report, the USDoD pirate may have exploited Infostealer malware to infiltrate Thales, exploiting compromised credentials to exfiltrate sensitive information.
The implications of the Thales data breach are far-reaching, with potential repercussions for national security and international relations. The leaked data, if authentic, could contain classified information related to defense contracts, proprietary technology and personnel files.
Via a post on the Dark webThe USDoD hacker displayed mockery and audacity, bragging on online forums about his exploits, taunting rival cybercriminals, and flaunting his prowess as a “one-man army.” man “.
The message from the threat actor reads: “Hello, this is a new version of the Thales Group leak. I collected over 24 GB of software at the end of last year. Yes, it’s bigger than LockBit.
More information about the USDoD hacker and recent exploits
The Cyber Express, in an attempt to find out more about the Thales data leak, contacted the defense organization. However, at the time of writing, no official information or statements have been released, leaving the allegations regarding this cyberattack unconfirmed. Unfortunately, the threat actor claims to have successfully penetrated the organization and shared sample data to assert the intrusion.
Meanwhile, the USDoD continues to operate with humor, drowned out by its successful violations and apparent mockery of law enforcement. Additionally, in a recent interview with Data breaches, The USDoD provided insight into their identities, revealing details about their age, nationality and alleged ties to senior Spanish officials.
The hacker, aged around thirty, verified that he was not Russian origin and emphasized that it operates independently, without any association with any ransomware group. Originally from South America but now residing in Portugal, he said, “English is not my primary language,” according to DataBreaches.
Previously, the hacker leaked sensitive information about around 3,200 people. Airbus suppliers via BreachForums, claiming to have acquired it through passwords stolen from a Turkish airline employee with access to Airbus systems.
This followed their previous breach of the FBI’s InfraGard network, where they sold the contact details of 80,000 members. Despite interventions by the FBI, the USDoD returned on September 11, 2023, leaking Airbus employee data, hinting at future actions against major US defense contractors.
Airbus confirmed the flaw, attributing it to a RedLine Trojan infection on the A Turkish employee’s computer, probably acquired through pirated software. The evidence recovered suggests that there is a link between the violation and RedLine, which is a popular Trojan cTypically distributed via malicious emails and pirated software, often traded on cybercrime platforms.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber Express assumes no responsibility for the accuracy or consequences of the use of this information.