In a significant development in cybersecurity, U.S. authorities have apprehended two men from North Carolina, Andrew Otto Boggs, 22, and Justin Gray Liverman, 24. They are believed to be connected to the infamous hacking collective known as “Crackas With Attitude.” This group is notorious for a series of high-profile hacks that infiltrated the personal email accounts of senior officials across multiple federal agencies, including the CIA, FBI, and Homeland Security Department.
According to a press release from the Department of Justice, Boggs, who is alleged to have used the online pseudonym “INCURSIO,” and Liverman, known as “D3F4ULT,” were arrested on Thursday morning. Their involvement in these hacking activities raises critical questions about the security protocols at these vital government institutions.
In previous incidents attributed to Crackas With Attitude, the hackers reportedly accessed personal details from the email accounts of high-ranking officials such as CIA Director John Brennan and U.S. intelligence chief James Clapper, among others. The group’s activities included not only hacking but also dissociating victims from their own digital identities, wherein they would leak sensitive information and harass victims through various means.
This latest arrest follows the earlier apprehension of a 16-year-old British teenager associated with the group, who was taken into custody by the FBI and British law enforcement in February. Although the investigation has not disclosed specific victims, the ramifications of these breaches indicate a profound vulnerability in government cybersecurity measures.
Notably, the group has been implicated in exposing personal details of approximately 31,000 government personnel. This includes data from around 20,000 FBI agents and 9,000 Homeland Security officers. Such breaches not only compromise individual privacy but also undermine national security, signaling a growing trend that business owners must take into account.
Investigators believe that social engineering tactics were employed between October 2015 and February 2016, enabling the hackers to manipulate victims into disclosing sensitive account information. This reflects a pressing concern: as cyber threats evolve, the techniques such as credential dumping and phishing remain effective, making initial access a priority for adversaries.
Moving forward, Boggs and Liverman are set to be extradited to the Eastern District of Virginia, where federal prosecutors have reportedly been assembling a case against Crackas With Attitude. The use of social engineering techniques for initial access is further detailed in frameworks like the MITRE ATT&CK Matrix, which outlines tactics such as privilege escalation and exfiltration that may have been utilized.
This situation serves as a critical reminder for business owners to bolster their cybersecurity protocols. It illustrates the dire consequences of underestimating the capabilities of malicious actors and the necessity of integrating robust security measures to counteract increasingly sophisticated cyber threats. The fallout from these arrests emphasizes the importance of vigilance in protecting sensitive information and maintaining the integrity of digital identities in an evolving threat landscape.
