FBI Email Hackers Send Thousands Of Fake Messages

The FBI has launched an investigation after thousands of fake email messages were sent from one of its own servers on Saturday 13th November warning of a cyber attack. Hackers succeeded in breaking in to the Federal Bureau of Investigation’s email systems and sent out tens of thousands of fake emails from an FBI address.

The hacked messages warned of a possible cyber attack, according to the monitoring group Spamhaus.

The fake messages purported to be from a legitimate FBI email address ending in @ic.fbi.gov, the agency said in a statement and appear to be coming from the US Department of Homeland Security.

“This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov,” the FBI said in a statement.

The hackers sent tens of thousands of emails warning of a possible cyber attack, Spamhaus said on its Twitter account. It included a subject line that read "Urgent: Threat Actor in systems" and appeared to end with a sign-off from the Department of Homeland Security. It also said: "Our intelligence monitoring indicates exfiltration of several of your visualised clusters in a sophisticated chain attack." It continued to read that "Vinny Troia, whom is believed to be affiliated with the extortion gang TheDark0verlord", had been identified as the "threat actor", before recommending people to check their systems.

The FBI said the hardware impacted by the incident "was taken offline quickly upon discovery of the issue"."This is an ongoing situation," it added in a statement.

The hack was first reported by Bloomberg, which, citing Spamhaus, said the attacks started at midnight on Saturday 13th November in New York with a subsequent campaign beginning at 2am. Both the FBI and the Cyber Security and Infrastructure Security Agency (CISA) are aware of the incident, the FBI statement said.

Currently it is not yet clear if the emails were sent by an individual with cleared access to the FBI servers or if out-side hackers were involved. According to sources, it is not the classified system that was compromised, but an externally facing account that is used to share and communicate unclassified information.

The incident comes on the heels of a number of high-profile breaches of US government networks in recent months and other attacks attributed to Russian and Chinese threat actors compromised at several US federal organisations, following which CISA  issued a statement mandating all government agencies to immediately update their software.

FBI:      Bloomberg:     Spamhaus:     Reuters:     Sky:     BBC:       DW:       NBC:       SCMP:       MSN:

You Might Also Read: 

Phishing Scam - Attackers Impersonate US Dept. of Transport:

 

« Microsoft Gets Serious About Dealing With The Skills Shortage
Financial Services Platform Loses Millions Of Customers' Data »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA)

The CSA is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

ENVEIL

ENVEIL

ENVEIL’s technology is the first scalable commercial solution to cryptographically secure Data in Use.

HexaTrust

HexaTrust

The HEXATRUST club was founded by a group of French SMEs that are complementary players with expertise in information security systems, cybersecurity, cloud confidence and digital trust.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

HardSecure

HardSecure

Hardsecure supports organizations to face security threats through the adoption of cybersecurity capabilities that guarantee 360º monitoring, visibility, mitigation, and blocking.

The Cyber Guild

The Cyber Guild

The Cyber Guild is a not-for-profit organization working to improve the understanding and practice of cybersecurity, and to help raise awareness and education for all.

Cyber Suraksa

Cyber Suraksa

We make security simple and hassle-free by offering a sustained and secure IT environment with next-gen cybersecurity solutions through a scalable security-as-a-service model.

DESCERT

DESCERT

DESCERT offers you an extended IT, cyber security, risk advisory & compliance audit team which provides strategic guidance, engineering and audit services.

Framework Security

Framework Security

With Framework Security, you get more than a consultancy; you get a partner dedicated to simplifying cybersecurity and protecting your business in the most efficient way possible.

OxCyber

OxCyber

OxCyber's mission is to ignite and encourage cybersecurity and technology growth in the Thames Valley through meetings, webinars, in person events, workshops and mentorship programs.

SecureAck

SecureAck

From our A-Op SaaS automation platform to Managed Automation-as-a-Service (MAaaS), SecureAck offer powerful security automation the way that best suits your organisation's needs.

Diverto

Diverto

Diverto is a company that provides a high level of information security to companies, institutions and other organisations in an information-centric world.

SECTA5

SECTA5

SECTA5 is a cybersecurity company building a next-generation Continuous Threat and Exposure Management platform, leveraging the expertise of offensively trained cyber defenders.