Alarming news spread out last week as the nation’s Federal Bureau of Instigation was reportedly hacked by someone who sent out spam emails to thousands of people warning of a serious cyberattack. This issue has acknowledged by the bureau’s Cybersecurity and Infrastructure Security Agency on Saturday, the 13th of November.
As per a report by Bleeping Computer, the fake email stated that its recipients have become the victims of a “sophisticated chain attack.” The hackers used the FBI’s public-facing email system to make the emails seem legitimate.
According to the report by Bleeping Computer, the fake emails claimed that the advanced threat actor was a person named Vinny Troia. It should be noted that Troia is the head of security research of dark web intelligence for companies such as NightLion and Shadowbyte, adds the report.
Watch it here: ThioJoe/Youtube
The Spamhaus Project, a non-profit intelligence organization, said the emails have likely been sent to over 100,000 email addresses. The hackers made use of legitimate FBI systems to plan the attack like using email addresses scraped from a database for the American Registry for Internet Numbers (ARIN), adds the report.
The hackers injected a list of more than 100,000 email addresses “scraped from ARIN database” into a server at the Department of Homeland Security. They note in their official statement that “the fake emails came from a legitimate FBI email.”
They further explained, they “are causing a lot of disruption because the headers are real.” They really are coming from government infrastructure but they “have no name or contact information in the .sig. Please beware!”
The FBI experts are scrambling to find out what happened and prevent it from happening again. They’re clueless and begging for help.
“This is an ongoing situation and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov.”
We have been made aware of “scary” emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake.
— Spamhaus (@spamhaus) November 13, 2021
The FBI in a statement said that it was aware of a “software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails.” The statement adds that LEEP is the agency’s IT infrastructure which is used to communicate with state and local law enforcement partners.
“While the illegitimate email originated from an FBI-operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks,” the statement adds.
Sources: Deep State Rabbit Hole, Forbes, Indiana Express, Bleeping Computer