Sunday, December 4, 2022
Home Health FBI’s email system was hacked to send out fake cybersecurity warnings

FBI’s email system was hacked to send out fake cybersecurity warnings

[ad_1]

The Federal Bureau of Investigation (FBI), which is the United States federal law enforcement agency, had its email servers targeted by someone who sent out spam emails to thousands of people warning of a serious cyberattack. The FBI has acknowledged the issue in an official statement.

As per a report by Bleeping Computer, the fake email stated that its recipients have become the victims of a “sophisticated chain attack.” The hackers used the FBI’s public-facing email system to make the emails seem legitimate. According to the report by Bleeping Computer, the fake emails claimed that the advanced threat actor was a person named Vinny Troia. It should be noted that Troia is the head of security research of dark web intelligence for companies such as NightLion and Shadowbyte, adds the report.

The Spamhaus Project, a non-profit intelligence organisation, said the emails have likely been sent to over 100,000 email addresses. The hackers made use of legitimate FBI systems to plan the attack like using email addresses scraped from a database for the American Registry for Internet Numbers (ARIN), adds the report.

Alex Grosjean, senior threat analyst at Spamhaus told CNN, while they did not think any malicious link was attached to the email, this was likely a prank meant to scare the recipients.

Meanwhile, KrebsOnSecurity has reported that the attacker behind this was likely an actor called “Pompompurin” who had contacted them after the emails were sent out. The attacker claimed that”the hack was done to point out a glaring vulnerability in the FBI’s system,” notes the report.

Incidentally, Troia who was targeted in the email also tweeted about the issue and said it was likely that the person identifying as Pompompurin was responsible for it.

The FBI in a statement said that it was aware of a “software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails.” The statement adds that LEEP is the agency’s IT infrastructure which is used to communicate with state and local law enforcement partners.

“While the illegitimate email originated from an FBI-operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks,” the statement adds.



[ad_2]

Source link

RELATED ARTICLES

Overview of Masseter Botox

Overview of Masseter Botox: Botox can be described as injectable to relax muscles. It is a drug that uses onabotulinumtoxinA which is a neurotoxin...

Need to Know Before Getting a Venom Tongue

Need to Know Before Getting a Venom Tongue : A venom piercing refers to the piercing of two tongues -both sides of...

Overview of O-Shot

Overview of O-Shot: For many women suffering from issues with sexual sexuality as well as women who do not sexual dysfunction, there is a...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Overview of Masseter Botox

Overview of Masseter Botox: Botox can be described as injectable to relax muscles. It is a drug that uses onabotulinumtoxinA which is a neurotoxin...

Different ways to fix Update Google Chrome

Different ways to fix Update Google Chrome: If you're like me, you probably use Google Chrome as your primary web browser. It's...

How to Do Fishing in ARK

How to Do Fishing in ARK: It will allow you to get more than just additional food. Most people aren't aware that it's...

Need to Know Before Getting a Venom Tongue

Need to Know Before Getting a Venom Tongue : A venom piercing refers to the piercing of two tongues -both sides of...