The FBI’s Email System Was Hacked to Send Out a Fake Cyber Security Alert to Thousands of Individuals.

Fake messages indicating a “sophisticated chain attack” were sent out by anonymous threat actors who infiltrated the FBI’s email system, the FBI confirmed on Saturday.

Rogue warning emails with the subject line “Urgent: Threat actor in systems” were sent to thousands of users using an FBI email address, “[email protected][.]gov”.

From the details that have been revealed about the incident, it seems that the spam messages have been sent through an abused insecure code in an FBI online portal meant to exchange information with state and local law enforcement officials.

More information about the case reveals that the breach occurred thanks to a flaw in LEEP, the FBI’s Law Enforcement Enterprise Portal (LEEP). That allowed attackers to apply for an account, as well as leak the one-time password that’s sent to the applicant to confirm their registration. This also enabled the attackers to intercept and tamper the HTTP requests with their own hoax message to thousands of email addresses.

SpamHaus, a threat intelligence non-profit, was the first to publicly disclose the incident. According to them, the email blasts occurred in two “spam” waves, one just before 5:00 a.m. UTC and another just after 7:00 a.m. UTC.

In their statement, the FBI stated that a software misconfiguration permitted an actor to send bogus emails for a short period of time using the Law Enforcement Enterprise Portal (LEEP)”. Despite coming from an FBI-operated server, however, the fraudulent email was not part of the FBI’s business email service. Instead, it was used to push notifications for LEEP. No data or PII has been stolen from the FBI’s network by any outside actors, the statement reveals.

From what has been disclosed, it seems that Vinny Troia, a researcher and founder of dark web intelligence firms Night Lion Security and Shadowbyte, is the most likely target of this smear email campaign since the FBI email systems’ attack has been framed on him. The security researcher has been a victim of several hacking attacks on his Twitter and website account in the past.


About the author

Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

Leave a Comment