Network Security, Threat Intelligence, Malware

CrowdStrike IoC list exposed by USDoD threat actor

Share
Red glowing letters saying hacked on dark background with binary code

Hackread reports that CrowdStrike had a 103,000-line indicator of compromise list exposed by widely known threat actor USDoD on Breach Forums following the hacker's claims of exfiltrating the U.S. cybersecurity firm's complete threat actor list last week.

Aside from featuring several hash types associated with the Mispadu malware, the leaked 53 MB CSV file also included information connected to the threat actor SAMBASPIDER, kill chain phrases, threat types, confidence levels, and MITRE ATT&CK techniques, reported Hackread researchers.

Meanwhile, CrowdStrike noted the information included in the exposed dataset had "LastActive" dates not later than June.

"…[H]owever, the Falcon portal's last active dates for some of the referenced actors are as recent as July 2024, suggesting when the actor potentially obtained the information," said CrowdStrike, which also noted USDoD's propensity to overstate its hacking assertions.

Such a development comes after a botched update for the CrowdStrike Falcon platform resulted in a widespread global IT outage that impacted 8.5 million Windows machines worldwide.

CrowdStrike IoC list exposed by USDoD threat actor

Hackread reports that CrowdStrike had a 103,000-line indicator of compromise list exposed by widely known threat actor USDoD on Breach Forums following the hacker's claims of exfiltrating the U.S. cybersecurity firm's complete threat actor list last week.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.