FBI Email Hackers Send Thousands Of Fake Messages

The FBI has launched an investigation after thousands of fake email messages warning of a cyber attack were sent from one of its own servers on Saturday 13th November. Hackers succeeded in breaking into the Federal Bureau of Investigation’s email systems and sent out tens of thousands of fake emails from an FBI address.

The hacked messages warned of a possible cyber attack, according to the monitoring group Spamhaus.

The fake messages purported to be from a legitimate FBI email address ending in @ic.fbi.gov, the agency said in a statement, and appeared to come from the US Department of Homeland Security.

“This is an ongoing situation, and we are not able to provide any additional information at this time. The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov,” the FBI said in a statement.

The hackers sent tens of thousands of emails warning of a possible cyber attack, Spamhaus said on its Twitter account. The message carried the subject line "Urgent: Threat Actor in systems" and appeared to end with a sign-off from the Department of Homeland Security. It also said: "Our intelligence monitoring indicates exfiltration of several of your visualised clusters in a sophisticated chain attack." It went on to say that "Vinny Troia, whom is believed to be affiliated with the extortion gang TheDark0verlord", had been identified as the "threat actor", before recommending that people check their systems.

The FBI said the hardware impacted by the incident "was taken offline quickly upon discovery of the issue". "This is an ongoing situation," it added in a statement.

The hack was first reported by Bloomberg, which, citing Spamhaus, said the attacks started at midnight on Saturday 13th November in New York, with a subsequent campaign beginning at 2am. Both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are aware of the incident, the FBI statement said.

It is not yet clear whether the emails were sent by an individual with cleared access to the FBI servers or whether outside hackers were involved. According to sources, it was not the classified system that was compromised, but an externally facing account that is used to share and communicate unclassified information.

The incident comes on the heels of a number of high-profile breaches of US government networks in recent months and other attacks, attributed to Russian and Chinese threat actors, that compromised several US federal organisations, following which CISA issued a statement mandating that all government agencies immediately update their software.

Sources: FBI, Bloomberg, Spamhaus, Reuters, Sky, BBC, DW, NBC, SCMP, MSN
