FBI Email Hackers Send Thousands Of Fake Messages

The FBI has launched an investigation after thousands of fake email messages warning of a cyber attack were sent from one of its own servers on Saturday 13th November. Hackers succeeded in breaking into the Federal Bureau of Investigation’s email systems and sent out tens of thousands of fake emails from an FBI address.

The hacked messages warned of a possible cyber attack, according to the monitoring group Spamhaus.

The fake messages purported to be from a legitimate FBI email address ending in @ic.fbi.gov, the agency said in a statement, and appeared to come from the US Department of Homeland Security.

“This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov,” the FBI said in a statement.

The hackers sent tens of thousands of emails warning of a possible cyber attack, Spamhaus said on its Twitter account. The emails carried a subject line that read "Urgent: Threat Actor in systems" and appeared to end with a sign-off from the Department of Homeland Security. The message also said: "Our intelligence monitoring indicates exfiltration of several of your visualised clusters in a sophisticated chain attack." It went on to say that "Vinny Troia, whom is believed to be affiliated with the extortion gang TheDark0verlord", had been identified as the "threat actor", before recommending that people check their systems.

The FBI said the hardware impacted by the incident "was taken offline quickly upon discovery of the issue". "This is an ongoing situation," it added in a statement.

The hack was first reported by Bloomberg, which, citing Spamhaus, said the attacks started at midnight on Saturday 13th November in New York with a subsequent campaign beginning at 2am. Both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are aware of the incident, the FBI statement said.

It is not yet clear whether the emails were sent by an individual with cleared access to the FBI servers or whether outside hackers were involved. According to sources, it is not the classified system that was compromised, but an externally facing account that is used to share and communicate unclassified information.

The incident comes on the heels of a number of high-profile breaches of US government networks in recent months and other attacks, attributed to Russian and Chinese threat actors, that compromised several US federal organisations, following which CISA issued a statement mandating that all government agencies immediately update their software.
