FBI hit with cyber attack that prompted false email blast

The Federal Bureau of Investigation computer system was the victim of a massive hack on Friday night that caused their email system to send a number of emails. 

According to a report by The Blaze, the federal system sent threatening emails to more than 100,000 people, an even that caused no small amount of concern.

The FBI announced the hack and notified the public about the emails, saying that the systems effected were “taken offline quickly,” and the that the impact was minimal:

“The attackers used legitimate FBI systems to conduct the attack, using email addresses scraped from a database for the American Registry for Internet Numbers (ARIN), among other sources,” technology blog Engadget reported. “Over 100,000 addresses received the fake emails in at least two waves.”

One of the key way to spot a fake email is if it was signed off as the U.S. Department of Homeland Security’s Cyber Threat Detection and Analysis Group, something that hasn’t existed for some years.

Additionally, the email subject lines read: “Urgent: Threat actor in systems.”

The email spam watchdog group Spamhaus Project has been monitoring the situation and is providing “real-time actionable data on spam, phishing, botnets, and malware sources” stated on Saturday that they are “aware” of the “scary” emails set from the FBI/DHS servers.

“While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake,” the non-profit threat intelligence organization wrote on Twitter.

“These fake warning emails are apparently being sent to addresses scraped from ARIN database. They are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure. They have no name or contact information in the .sig. Please beware!”

In the email, recipients are told that their information was stolen by an “advanced persistent threat actor” named “Vinny Troia,” who they claim is a cybercriminal with the group named “The Dark Overlord.”

Troia is not believed to be responsible for this, though he does work in the cyber space as the head of security research of dark web intelligence companies NightLion and Shadowbyte, according to The Blaze.

The security researcher told Bleeping Computer he believes he is being targeted as a way of discrediting him.

Share on facebook
Share To Facebook

Welcome to our comments section. We want to hear from you!

Any comments with profanity, advocacy of violence, harassment, personally identifiable information or other violations will be removed. If you feel your comment has been removed in error please contact us!

Latest Posts