
FBI external emails hacked; hackers send out bogus messages

Cyber criminals breached the FBI’s external emails over the weekend, sending out a fake warning message to thousands of people.

Mon, 15 Nov 2021

The United States’ Federal Bureau of Investigation confirmed that a software loophole enabled threat actors to gain access to the organisation’s Law Enforcement Enterprise Portal (LEEP), from which they sent fake warning emails to thousands of people and organisations across the US.

The LEEP, the FBI explained, is an IT infrastructure that the bureau uses to communicate with other state and local law enforcement entities. The FBI has reassured the public that the email server was not part of the bureau’s larger email network.

“While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service,” a release from the bureau read.


“No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails and confirmed the integrity of our networks.”

The FBI confirmed that the emails originated from an @ic.fbi.gov email account, and that the exploitable vulnerability has been fixed.

The fake emails, interestingly, warned users of a hack in the FBI’s network and purported to come from the US Department of Homeland Security.

Threat intelligence organisation Spamhaus theorised on Twitter that the email may be part of a “scare-ware” campaign.

“It's a guess, but our thought is that it's a combination scare-ware (get people to shut things down or make changes in a hurry), and a character assassination against the guy named in it, AND a way to make the FBI scramble,” according to Spamhaus’ Twitter account.

The perpetrator remains unknown.

