FBI Email Hackers Send Thousands Of Fake Messages

Uploaded on 2021-11-15 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

The FBI has launched an investigation after thousands of fake email messages were sent from one of its own servers on Saturday 13th November warning of a cyber attack. Hackers succeeded in breaking in to the Federal Bureau of Investigation’s email systems and sent out tens of thousands of fake emails from an FBI address.

The hacked messages warned of a possible cyber attack, according to the monitoring group Spamhaus.

The fake messages purported to be from a legitimate FBI email address ending in @ic.fbi.gov, the agency said in a statement and appear to be coming from the US Department of Homeland Security.

“This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov,” the FBI said in a statement.

The hackers sent tens of thousands of emails warning of a possible cyber attack, Spamhaus said on its Twitter account. It included a subject line that read "Urgent: Threat Actor in systems" and appeared to end with a sign-off from the Department of Homeland Security. It also said: "Our intelligence monitoring indicates exfiltration of several of your visualised clusters in a sophisticated chain attack." It continued to read that "Vinny Troia, whom is believed to be affiliated with the extortion gang TheDark0verlord", had been identified as the "threat actor", before recommending people to check their systems.

The FBI said the hardware impacted by the incident "was taken offline quickly upon discovery of the issue"."This is an ongoing situation," it added in a statement.

The hack was first reported by Bloomberg, which, citing Spamhaus, said the attacks started at midnight on Saturday 13th November in New York with a subsequent campaign beginning at 2am. Both the FBI and the Cyber Security and Infrastructure Security Agency (CISA) are aware of the incident, the FBI statement said.

Currently it is not yet clear if the emails were sent by an individual with cleared access to the FBI servers or if out-side hackers were involved. According to sources, it is not the classified system that was compromised, but an externally facing account that is used to share and communicate unclassified information.

The incident comes on the heels of a number of high-profile breaches of US government networks in recent months and other attacks attributed to Russian and Chinese threat actors compromised at several US federal organisations, following which CISA  issued a statement mandating all government agencies to immediately update their software.

FBI:      Bloomberg:     Spamhaus:     Reuters:     Sky:     BBC:       DW:       NBC:       SCMP:       MSN:

You Might Also Read: 

Phishing Scam - Attackers Impersonate US Dept. of Transport:

 

« Microsoft Gets Serious About Dealing With The Skills Shortage
Financial Services Platform Loses Millions Of Customers' Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

JumpCloud

JumpCloud

JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business’s employees and the systems and IT resources they need.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Prescient

Prescient

Prescient’s Cyber solutions supplement your firm’s existing data security infrastructure with specialized investigations that identify unconventional cyber risks.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

British Security Industry Association - CySPAG

British Security Industry Association - CySPAG

CySPAG is a special interest group within the British Security Industry Association (BSIA) focused on reducing the risk of product related cybercrime.

Guardara

Guardara

Guardara's mission is to help our customers to continuously improve in every aspect of software development.

Pixm

Pixm

Pixm’s computer vision based approach offers a truly unique and effective means to protect organizations from web-based phishing attacks.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

Pelta Cyber Security

Pelta Cyber Security

Pelta Cyber Security is the cyber security consulting and solutions division of Softworld Inc. We provide staffing and recruitment services as well as consulting and solutions for outsourced projects.

UST

UST

UST is a global provider of digital technology and transformation, IT services and solutions including managed security services.

MAXXeGUARD Data Safety

MAXXeGUARD Data Safety

MAXXeGUARD: The High Security Shredder. MAXXeGUARD easily destroys hard disks up to the highest security levels as well as other digital data carriers like SSD’s, LTO’s, USB’s, CD’s etc.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

Plex IT

Plex IT

Plex IT provides managed IT services to organisations along with managed security services.

Tidelift

Tidelift

Tidelift provides the tools, data, and strategies that help organizations assess risk and improve the health, security, and resilience of the open source used in their applications.