FBI's Email Servers Hacked and Sent Thousands of Messages to Victims


The email servers of the Federal Bureau of Investigation (FBI) have been targeted by hackers. The servers sent out thousands of fake emails that warned the recipients that they were victims of email spam.

FBI's Email Servers Hacked

According to Bleeping Computer, the emails were first revealed by The Spamhaus Project. It is a nonprofit organization that investigates and reports email spammers.

The emails sent to the victims claim that Vinny Troia was behind the fake attacks. The emails also falsely accused Troia of being part of the infamous hacking group The Dark Overlord.

The Dark Overlord is the same actor who leaked the fifth season of "Orange Is The New Black."

Troia is a cybersecurity researcher who runs two dark web security companies, Shadowbyte and NightLion.

Bleeping Computer noted that the hackers were able to send out emails to more than 100,000 addresses, all of which were from the American Registry for Internet Numbers (ARIN) database.

Bloomberg reported that the hackers used the FBI's public-facing email system, making the emails seem all the more legitimate.

Kevin Beaumont, a cybersecurity researcher, also attests to the emails' legitimate appearance. He said that the headers are authenticated because the emails came from the FBI servers via the DomainKeys Identified Mail (DKIM) process. It is a part of the system Gmail uses to put logos of brands on legit corporate emails.

The FBI issued a press release after the incident was reported. The agency noted that it is an ongoing situation and that the impacted hardware was immediately taken offline.

Aside from that, the FBI stated that it does not have any more information that it can share with the public at this time.

Bleeping Computer added that the spam was carried out as an attempt to ruin the reputation of Troia. In a tweet, Troia stated that a person who goes by the name "Pompompurin" had launched the email attack. That is the same person who had tried to damage Troia's reputation in the same ways before.

Brian Krebs, a computer security reporter, stated that Pompompurin is connected to the email hack because the person allegedly messaged him from an FBI email address when the attacks were launched.

Krebs said that the email instructed him to check the headers of the email to assure him that it was from an FBI server.

KrebsOnSecurity was able to talk to Pompompurin in an exclusive interview. He said that the hack was meant to show the weak security within the email systems of the FBI.

Pompompurin said in a statement to KrebsOnSecurity that he could have used the servers to send more legit-looking emails and trick companies and individuals into handing over their data.

Security Gap on the FBI's Server

Pompompurin also told the security outlet that they took advantage of a security gap on the FBI's Law Enforcement Enterprise Portal (LEEP). He said he was able to sign up for an account using a one-time password that is embedded in the FBI page's HTML.

Pompompurin also said that they were able to change the sender's address and email body before sending out the massive spam campaign.
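As an added illustration (not code from the FBI, LEEP, or the original article), the sketch below shows server-side handling that closes the kind of gap described above: the one-time code is generated and checked on the server and never placed in the page, and the sender, subject and body are fixed server-side instead of being taken from the request. The sender address, field names and function names are assumptions.

```python
import hashlib
import hmac
import secrets
from email.message import EmailMessage

# Assumptions for illustration: placeholder sender, field names and storage.
FIXED_SENDER = "no-reply@portal.example"
ALLOWED_FIELDS = {"email"}
PENDING_CODES = {}  # recipient -> SHA-256 of the code; kept server-side only


def _digest(code: str) -> str:
    return hashlib.sha256(code.encode()).hexdigest()


def start_signup(form: dict):
    """Handle the signup POST; return (response_body, outbound_message)."""
    # Reject any client attempt to supply sender, subject or body.
    extra = set(form) - ALLOWED_FIELDS
    if extra or "email" not in form:
        raise ValueError(f"unexpected or missing fields: {sorted(extra)}")
    recipient = form["email"]
    if any(c in recipient for c in "\r\n") or recipient.count("@") != 1:
        raise ValueError("invalid recipient address")

    code = f"{secrets.randbelow(10**6):06d}"
    PENDING_CODES[recipient] = _digest(code)

    # Sender, subject and body come from server-side constants only.
    msg = EmailMessage()
    msg["From"] = FIXED_SENDER
    msg["To"] = recipient
    msg["Subject"] = "Your portal confirmation code"
    msg.set_content(f"Your one-time code is {code}.")

    # The HTTP response never carries the code; it travels only by email.
    return {"status": "code_sent"}, msg


def confirm_signup(recipient: str, submitted: str) -> bool:
    """Check a submitted code; any attempt consumes the pending entry."""
    expected = PENDING_CODES.pop(recipient, None)
    if expected is None:
        return False
    return hmac.compare_digest(expected, _digest(submitted))
```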

This is not the first time that the FBI has been targeted by hackers. In March, the security cameras of the FBI were hacked.

The FBI has been going after numerous hacker groups, including the notorious REvil group.

This article is owned by Tech Times

Written by Sophie Webster

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.