Hackers Breach FBI's Email System to Send Fake Cyber Security Alert
Table of Contents
- By David Lukic
- Published: Dec 03, 2021
- Last Updated: Mar 18, 2022
Hackers have targeted the FBI’s email servers and sent out thousands of fake messages that notified recipients of being victims of a “sophisticated chain attack.” The security event underscored the critical cyber threats and vulnerabilities that still exist in federal systems.
What Happened in the FBI email Leak?
Threat actors sent thousands of emails to recipients on Saturday morning about a fake cyber attack. The emails were sent using the FBI’s email system to make the messages appear to come from a legitimate source. They were initially uncovered by The Spamhaus Project, a nonprofit organization that investigates email spammers who first reported the development via Twitter.
The hackers behind the attack managed to send out emails to over 100,000 addresses, all of which were scraped from the database of the American Registry for Internet Numbers (ARIN), the nonprofit responsible for managing the distribution of Internet addresses in North America.
The attack could have been worse than just a fake alert. Experts believe that the hackers might have used the security gap exploitation of the FBI’s Law Enforcement Enterprise (LEEP) portal to send more legit-looking emails and trick companies into handing over data.
Who Is Responsible?
The emails claim that Vinny Troia, a prominent cybersecurity researcher who runs two dark web security companies, NightLion and Shadowbyte, was behind the fake attacks.
The spam campaign was most likely carried out in an attempt to discredit Troia. However, Troia shared in a tweet that the attack was carried out by a person known as "Pompompurin.”
What Is the FBI Doing?
The FBI responded to the incident by releasing a press release that described the situation as “ongoing.” They also stated that “the impacted hardware was taken offline.”
In an updated statement, an FBI representative said the hacker had found and exploited a flaw in how an agency messaging system is configured, and that they weren't able to access internal FBI files.
The FBI said in an elaborated statement that the compromised system was an unclassified server, the Law Enforcement Enterprise Portal (LEEP), used by FBI personnel to communicate outside of the organization with state and local law enforcement partners, and the hackers didn’t appear to have gained access to internal databases containing state secrets or classified information.
The FBI has alerted its partners about the fake messages and says it has "immediately remediated the software vulnerability" even as the investigation is still ongoing.
This is not the first time the FBI’s LEEP system has experienced a breach. In 2015, hackers broke into the system to steal data and access a variety of law enforcement systems.
How to Protect Yourself from Spam from Legit Looking Emails
There are a number of ways to avoid becoming a victim of spam messages however it can be a bit tricky to identify when the threat is coming from a legitimate address or person. However, it is important to avoid identity theft, virus infections loss of personal data, and even worse, putting unsuspecting colleagues, friends, and family at risk.
Assume Zero Trust. Always be cautious in opening links or attachments in your emails. Be on the lookout for abnormal activity and trends out of the usual with people and accounts you interact with to avoid being a victim in cases where the mail is from a breached legitimate address.
Use Anti-Virus Software. Anti-virus software and filtering tools can help to scan the emails that you receive for malware to prevent you from opening a potentially threatening file. This helps to reduce the chances of malware infecting your computer. However, email spam filters are not foolproof. It is critical that you learn to identify phishing scams and take the appropriate steps to protect your computer and your data.
