Hackread reports that CrowdStrike had a 103,000-line indicator of compromise list exposed by widely known threat actor USDoD on Breach Forums following the hacker's claims of exfiltrating the U.S. cybersecurity firm's complete threat actor list last week.Aside from featuring several hash types associated with the Mispadu malware, the leaked 53 MB CSV file also included information connected to the threat actor SAMBASPIDER, kill chain phrases, threat types, confidence levels, and MITRE ATT&CK techniques, reported Hackread researchers.Meanwhile, CrowdStrike noted the information included in the exposed dataset had "LastActive" dates not later than June."…[H]owever, the Falcon portal's last active dates for some of the referenced actors are as recent as July 2024, suggesting when the actor potentially obtained the information," said CrowdStrike, which also noted USDoD's propensity to overstate its hacking assertions.Such a development comes after a botched update for the CrowdStrike Falcon platform resulted in a widespread global IT outage that impacted 8.5 million Windows machines worldwide.
Network Security, Threat Intelligence, Malware
CrowdStrike IoC list exposed by USDoD threat actor

(Adobe Stock)
An In-Depth Guide to Network Security
Get essential knowledge and practical strategies to fortify your network security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



