Infamous hacker USDoD, linked to major data breaches, reveals his identity as a Brazilian citizen. Discover the implications and how Brazil’s extradition treaty with the US may affect his future.
USDoD, also known as EquationCorp, an infamous hacker responsible for some of the most high-profile data breaches, has come forward and revealed his identity as Luan G, a 33-year-old man from the state of Minas Gerais in Brazil.
The infamous hacker recently made headlines for breaching the US-based API firm National Public Data and leaking more than 3.2 billion Social Security Numbers (SSNs) online. Prior to that, USDoD breached the FBI’s security platform, InfraGard, and exposed the personal details of 87,000 members. The hacker has also been involved in several other significant data breaches and web scraping incidents.
In an exclusive conversation with Hackread.com, which included a short video message from the hacker, USDoD acknowledged that he was “doxed by CrowdStrike,” a cybersecurity firm recently in the news for a bad update that caused global disruption of Windows devices.
So, what does CrowdStrike have to do with the USDoD hacker? The conflict between USDoD and CrowdStrike began in July 2024, when the hacker announced that he had scraped and leaked a 100,000-line Indicator of Compromise (IoC) list from the company. Apparently, it took CrowdStrike less than a month to “dox” the hacker in response.
On the other hand, the USDoD hacker provided a statement to Hackread.com, revealing his ambition to turn his life around, leave the cybercrime world behind, and do something positive for Brazil.
“So congrats to Crowdstrike for doxing me, they are late for the party, intel421 Plus and a few other companies already doxed me even before the Infragard hack. I want to say thank you, it is time to admit I got defeated and I will retire my Jersey. Yes, this is Luan speaking. I won’t run, I’m in Brazil, the same city where I was born. I am a huge valuable target and maybe I will talk soon to whoever is in charge but everyone will know that behind USDoD I’m a human like everyone else, to be honest, I wanted this to happen, I can’t live with multiple lives and it is time to take responsibility for every action of mine and pay the price doesn’t matter how much it may cost me. This is not my end. Thank you, see you around. Don’t worry Brazilian authorities, I’m coming to meet you, I’m not a threat, in fact, I can do much for my country.”
Hackread.com has reached out to CrowdStrike for comment. Meanwhile, according to the Brazilian news site TecMundo, CrowdStrike has already shared its findings with the relevant authorities in Brazil.
Commenting on this, John Bambenek, President at Bambenek Consulting, argued whether the hacker is serious about leaving cybercrime: “If he was serious about turning his life around, he could turn himself in at the nearest embassy, get a sweetheart plea deal, and in 3-5 years, he’ll be the figurehead of some new cybersecurity company making mid-six figures. It’s a well-worn path that many former computer crime convicts have travelled.“
“That said, considering this interview has taken place mere moments after the NPD breach, I suspect it’s a novel technique by a threat actor throwing mud in the water and creating a PR smoke screen for continued misbehaviour,“ John added.
The United States and Brazil extradition treaty
The revelation of the USDoD hacker’s alleged identity as a Brazilian citizen has significant implications, particularly given his involvement in high-profile data breaches. Under the Brazil and US Extradition Treaty, the U.S. could request his extradition to face charges for his cybercrime.
However, Brazil has a history of not extraditing its own citizens, which could complicate efforts to bring him to trial in the United States. If Brazil chooses not to extradite, the hacker may still face legal consequences within Brazil, depending on the country’s own laws regarding cybercrime.
Nevertheless, his stated intention to leave the cybercrime world and pursue a positive path for Brazil could also influence how authorities handle his case, potentially leading to a focus on rehabilitation rather than severe punishment.
Editor’s Note: This article presents the USDoD hacker’s perspective. We have reached out to CrowdStrike for their response and will update the article accordingly once and if we receive their statement.