Menu
Browse

Cyber Threat Actor: joshua

Actor Type Location Known Incidents
 Icon
Activist
Brazil
1 incident
Profile

The threat actor known by the alias joshua operates from Brazil and is publicly linked to the Fatal Error Crew, a group that has claimed responsibility for several data disclosures. This affiliation is the only concrete connection to a larger criminal consortium that appears in open sources, and no state sponsorship or national‑level direction has been attributed to the actor. The actor’s online handle appears in Pastebin posts where leaked data is shared, indicating a preference for public exposure as a means of signaling involvement.

Targeting observed in the single publicly documented case focuses on the retail sector, specifically the gift‑card platform of a multinational fashion retailer’s Brazilian division. The actor’s stated objective, as reported by the retailer and corroborated by local media, was retaliatory: the leak was described as a response to the company’s alleged misuse of jobseeker data to meet internal gift‑card production goals. This motive frames the activity as a form of protest or disruption rather than financial gain or espionage, and no evidence of profit‑driven extortion or intelligence collection has been presented.

The most notable operation attributed to joshua occurred on August 23 2018, when the actor allegedly compromised C&A Brazil’s gift‑card system, extracting personal information such as identification numbers, email addresses, card balances, order numbers and purchase timestamps for roughly thirty‑six thousand customers. The stolen dataset was subsequently posted to Pastebin under the Fatal Error Crew banner, prompting the retailer to confirm unauthorized activity, activate contingency procedures, and pursue legal action while denying any improper use of the exposed data. This incident remains the sole publicly reported campaign that directly ties the alias to a concrete breach.

Given the limited scope of available information, the profile is confined to these verified elements: the alias joshua, Brazilian location, affiliation with Fatal Error Crew, retail‑sector targeting in Brazil, a retaliatory objective concerning alleged data misuse, and the 2018 C&A Brazil gift‑card platform breach as the representative operation. No further details regarding malware families, initial‑access vectors, tooling preferences, or additional campaigns can be substantiated from the supplied sources.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
1 source