FBI Email Hackers Send Thousands Of Fake Messages

The FBI has launched an investigation after thousands of fake email messages warning of a cyber attack were sent from one of its own servers on Saturday 13th November. Hackers succeeded in breaking into the Federal Bureau of Investigation’s email systems and sent out tens of thousands of fake emails from an FBI address.

The hacked messages warned of a possible cyber attack, according to the monitoring group Spamhaus.

The fake messages purported to be from a legitimate FBI email address ending in @ic.fbi.gov, the agency said in a statement, and appeared to come from the US Department of Homeland Security.

“This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov,” the FBI said in a statement.

The hackers sent tens of thousands of emails warning of a possible cyber attack, Spamhaus said on its Twitter account. The email carried a subject line that read "Urgent: Threat Actor in systems" and appeared to end with a sign-off from the Department of Homeland Security. It also said: "Our intelligence monitoring indicates exfiltration of several of your visualised clusters in a sophisticated chain attack." It went on to say that "Vinny Troia, whom is believed to be affiliated with the extortion gang TheDark0verlord", had been identified as the "threat actor", before recommending that people check their systems.

The FBI said the hardware impacted by the incident "was taken offline quickly upon discovery of the issue". "This is an ongoing situation," it added in a statement.

The hack was first reported by Bloomberg, which, citing Spamhaus, said the attacks started at midnight on Saturday 13th November in New York with a subsequent campaign beginning at 2am. Both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are aware of the incident, the FBI statement said.

It is not yet clear whether the emails were sent by an individual with cleared access to the FBI servers or whether outside hackers were involved. According to sources, it is not the classified system that was compromised, but an externally facing account that is used to share and communicate unclassified information.

The incident comes on the heels of a number of high-profile breaches of US government networks in recent months and other attacks, attributed to Russian and Chinese threat actors, that compromised several US federal organisations, following which CISA issued a statement mandating all government agencies to immediately update their software.

Sources: FBI, Bloomberg, Spamhaus, Reuters, Sky, BBC, DW, NBC, SCMP, MSN
