A hacker broke into the email system of the Federal Bureau of Investigation (FBI) and sent over 100,000 fake emails to people.
The hacker sent out phony email messages that claimed its recipients were victims of a “sophisticated chain attack.”
The emails claimed that Vinny Troia was behind the fake attacks.
They also added that Troia is associated with the infamous hacking group The Dark Overlord, the same bad actors who leaked the fifth season of Orange Is the New Black.
The hacker’s motives are unknown.
The email message was a bizarre, technically incoherent warning that made reference to cybersecurity writer Vinny Troia as well as a cybercriminal group called The Dark Overlord. Troia’s company, Night Lion Security, published research on The Dark Overlord in January.
The hacker signed off as the U.S. Department of Homeland Security’s Cyber Threat Detection and Analysis Group, which hasn’t existed for at least two years.
The FBI routinely warns American companies of cyber threats targeting particular industries, or when it learns of malicious hackers trying an effective new technique. This is believed to be the first known case of a seemingly malicious actor gaining access to one of those systems to send spam to a large number of people.
The incident comes on the heels of a number of high-profile breaches of U.S. government networks in recent months, including a Russia-based attack that compromised at least nine federal agencies, and a China-based hacking campaign so severe that the Cybersecurity and Infrastructure Security Agency had to issue a rare mandate for all government agencies to immediately update their software.
While it’s common for scammers to make it appear that they’re sending an email from someone else’s address, the emails’ metadata made it clear that they were sent from an FBI server, said Alex Grosjean, a researcher at the Spamhaus Project, a European nonprofit that monitors email spam.
FBI Acknowledges Report
Meanwhile, the FBI has issued a statement acknowledging its email system was hacked.
The statement reads thus:
“The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails.
LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners.
While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service.
No actor was able to access or compromise any data or PII on the FBI’s network.
Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.”