Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials
A group of hackers from the Com, a loose-knit community behind some of the most significant data breaches in recent years, have posted the names and personal information of hundreds of government officials, including people working for the Department of Homeland Security (DHS) and Immigration and Customs Enforcement (ICE).
“I want my MONEY MEXICO,” a user of the Scattered LAPSUS$ Hunters Telegram channel, which is a combination of a series of other hacking group names associated with the Com, posted on Thursday. The message was referencing a claim from the DHS that Mexican cartels have begun offering thousands of dollars for doxing agents. The U.S. government has not provided any evidence for this claim.
404 Media reviewed multiple spreadsheets posted in the group’s Telegram channel. One contained the alleged personal information of 680 DHS officials; another contained data on more than 170 FBI email addresses and their owners; and the third contained the apparent personal information of more than 190 Department of Justice officials.
“Mexican Cartels hmu [hit me up] we dropping all the doxes wheres my 1m [1 million],” another message reads.
💡
Do you know anything else about this data dump? Do you work at any of the agencies impacted? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.
Using data collected by cybersecurity company District 4 Labs, 404 Media corroborated some of the data posted to Telegram. It showed that many parts of the dox did relate to government officials with the same name, agency, address, or phone number. In some cases, the addresses posted by the hackers appear to relate to residential addresses rather than offices.
It is not clear how the hackers collated or otherwise sourced this data, be that by combining previous diffuse data breaches, or by obtaining it from a government-specific breach.
DHS has repeatedly said that its officers are facing a wave of doxing and physical threats in the second Trump administration. Most recently the agency said officials “are facing a more than 1000% increase in assaults against them and their families are being doxxed and threatened online.” It is not clear how exactly DHS is quantifying those events to calculate that increase.
The U.S. government has taken action against apps, websites, and social media pages it claims are doxing or otherwise threatening DHS and ICE officials. In many cases, those apps were participating in First Amendment protected speech and were not doxing officials. Apple, for example, removed one app called Eyes Up that was aggregating videos of ICE activity and abuses. Apple banned a wave of apps after direct pressure from the Department of Justice.
These apps also gained popularity after masked ICE agents who refused to identify themselves repeatedly raided communities of immigrants and picked people off the street often without explanation. Recently ICE’s activity has included shooting a priest in the head with a projectile; flooding Chicago neighborhoods with chemical irritants; and detaining and threatening U.S. citizens.
playlist.megaphone.fm?p=TBIEA2…
The data dump by Scattered LAPSUS$ Hunters is more clearly an attempt at a mass doxing event.
The hacking group that posted the dox emerged from the Com, short for community. On Discord servers and Telegram channels, thousands of fraudsters, scammers, hackers, and gamers carry out hacks, beef with one another, and commission physical violence. A number of loose-knit groups have emerged from that community, including Scattered Spider which was responsible for the massive ransomware attack against MGM Resorts, and LAPSUS$ which was responsible for a wave of extortions against gaming companies, including Electronic Arts.
The name Scattered LAPSUS$ Hunters is an amalgamation of several of those names. This iteration gained notoriety recently after threatening to publish a wealth of data related to Salesforce customers, including Disney/Hulu, FedEx, Toyota, UPS, and more.
In 2016, another hacking group called Crackas With Attitude posted the personal information of around 20,000 FBI agents and 9,000 DHS officials.
Neither the DHS, FBI, or Department of Justice responded to requests for comment.
“U guys want IRS next?” the hackers wrote in another message.
Hacker Publishes Personal Info of 20,000 FBI Agents
As promised, hacker publishes personal information of 20,000 FBI agents, allegedly stolen from a hacked Department of Justice computer.Lorenzo Franceschi-Bicchierai (VICE)
Apple Banned an App That Simply Archived Videos of ICE Abuses
Apple removed an app for preserving TikToks, Instagram reels, news reports, and videos documenting abuses by ICE, 404 Media has learned. The app, called Eyes Up, differs from other banned apps such as ICEBlock which were designed to report sightings of ICE officials in real-time to warn local communities. Eyes Up, meanwhile, was more of an aggregation service pooling together information to preserve evidence in case the material is needed in the future in court.The news shows that Apple and Google’s crackdown on ICE-spotting apps, which started after pressure from the Department of Justice against Apple, is broader in scope than apps that report sightings of ICE officials. It has also impacted at least one app that was more about creating a historical record of ICE’s activity during its mass deportation effort.
“Our goal is government accountability, we aren’t even doing real-time tracking,” the administrator of Eyes Up, who said their name was Mark, told 404 Media. Mark asked 404 Media to only use his first name to protect him from retaliation. “I think the [Trump] admin is just embarrassed by how many incriminating videos we have.”
💡
Do you work at Apple or Google and know anything else about these app removals? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.Mark said the app was removed on October 3. At the time of writing, the Apple App Store says “This app is currently not available in your country or region” when trying to download Eyes Up.
The website for Eyes Up which functions essentially the same way is still available. The site includes a map with dots that visitors can click on, which then plays a video from that location. Users are able to submit their own videos for inclusion. Mark said he manually reviews every video before it is uploaded to the service, to check its content and its location.
“I personally look at each submission to ensure that it's relevant, accurately described to the best I can tell, and appropriate to post. I actually look at the user submitted location and usually cross-reference with [Google] Street View to verify. We have an entire private app just for moderation of the submissions,” Mark said.
Screenshots of Eyes Up.
The videos available on Eyes Up are essentially the same you might see when scrolling through TikTok, Instagram, or X. They are a mix of professional media reports and user-generated clips of ICE arrests. Many of the videos are clearly just re-uploads of material taken from those social media apps, and still include TikTok or Instagram watermarks. Mark said the videos are also often taken from Reddit or the community- and crime-awareness app Citizen too.
Many of the videos from New York are footage of ICE officials aggressively detaining people inside the city’s courts, something ICE has been doing for months. Another is a video from the New York Immigration Coalition (NYIC), which represents more than 200 immigrant and refugee rights groups. Another is an Instagram video showing ICE taking “a mother as her child begs the officers not to take her,” according to a caption on the video. The map includes similar videos from San Diego, Los Angeles, and Portland, Oregon, which are clearly taken from TikTok or media reports, including NBC News.
“Our goal is to preserve evidence until it can be used in court, and we believe the mapping function will make it easier for litigants to find bystander footage in the future,” Mark said.
Apple removed ICEBlock, another much more prominent app, on Thursday from its App Store. The move came after direct pressure from Department of Justice officials acting at the direction of Attorney General Pam Bondi, according to Fox. A statement the Department of Justice provided to 404 Media said the agency reached out to Apple “demanding they remove the ICEBlock app from their App Store—and Apple did so.” Fox says authorities have claimed that Joshua Jahn, the suspected shooter of an ICE facility in September in which a detainee was killed, searched his phone for various tracking apps before attacking the facility.
Joshua Aaron, the developer of ICEBlock, told 404 Media “we are determined to fight this.”
ICEBlock allowed people to create an alert, based on their location, about ICE officials in their area. This then sent an alert to other users nearby.
Apple also removed another similar app called Red Dot, 404 Media reported. Google did the same thing, and described ICE officials as a vulnerable group. Apple also removed an app called DeICER.
playlist.megaphone.fm?p=TBIEA2…
Yet, Eyes Up differs from those apps in that it does not function as a real-time location reporting app.Apple did not respond to a request for comment on Wednesday about Eyes Up’s removal.
Mark provided 404 Media with screenshots of the emails he received from Apple. In the emails, Apple says Eyes Up violates the company’s guidelines around objectionable content. That can include “Defamatory, discriminatory, or mean-spirited content, including references or commentary about religion, race, sexual orientation, gender, national/ethnic origin, or other targeted groups, particularly if the app is likely to humiliate, intimidate, or harm a targeted individual or group. Professional political satirists and humorists are generally exempt from this requirement.”
The emails also say that law enforcement have provided Apple with information that shows the purpose of the app is “to provide location information about law enforcement officers that can be used to harm such officers individually or as a group.”
The emails are essentially identical to those sent to the developer of ICEBlock which 404 Media previously reported on.
In an appeal to the app removal, Mark told Apple “the posts on this app are significantly delayed and subject to manual review, meaning the officers will be long gone from the location by the time the content is posted to be viewed by the public. This would make it impossible for our app to be used to harm such officers individually or as a group.”
“The sole purpose of Eyes Up is to document and preserve evidence of abuses of power by law enforcement, which is an important function of a free society and constitutionally protected,” Mark’s response adds.
Apple then replied and said the ban remains in place, according to another email Mark shared.
The app is available on Google's Play Store.
SCOOP: Apple Quietly Made ICE Agents a Protected Class
Internal emails show tech giant used anti-hate-speech rules meant for minorities to block an app documenting immigration enforcement.Pablo Manríquez (Migrant Insider)
reshared this
GhostOnTheHalfShell reshared this.