It’s one thing for hackers to target websites and proudly announce it on social media platforms for all to see. It’s, however, an entirely different thing to leave a digital trail that leads cybersecurity researchers right to their doorsteps.
That’s exactly what happened in the case of a hacktivist under the name of VandaTheGod, who has been attributed to a series of attacks on government websites since July 2019.
In a report shared with The Hacker News, researchers from Check Point said they were able to map VandaTheGod’s activity over the years, and eventually zero down the attacker’s real identity to a Brazilian individual from the city of Uberlândia.
The cybersecurity firm said it notified concerned law enforcement of its findings for further action, adding the social media activities on profiles associated with VandaTheGod came to a halt towards the end of 2019.
A Long Social Media Trail
VandaTheGod has a long history of going after government websites, universities, and healthcare providers. Notably, the attacker claimed to have breached the database of New Zealand’s Tū Ora Compass Health and offered medical details of one million patients for sale on Twitter last October.
The hacker in question, allegedly part of the “Brazilian Cyber Army” (BCA), has also vandalised dozens of websites to spread anti-government messages, in addition to displaying BCA’s logo in screenshots of compromised accounts and websites.
“Many of the messages left on the defaced websites implied that the attacks were motivated by anti-government sentiment, and were carried out to combat social injustices that the hacker believed were a direct result of government corruption,” the researchers said.
images from Hacker News