Hackers compromise FBI email system to send fake cybersecurity alerts

On Friday and Saturday, tens of thousands of people received bogus email alerts purporting to come from the Federal Bureau of Investigation after hackers compromised an online portal run by the FBI.

The hackers exploited a “misconfiguration of the software” to temporarily access the Law Enforcement Enterprise Portal (LEEP) and send email from what appeared to be a legitimate FBI address ending in @ic.fbi.gov, the FBI said in a press release. LEEP acts as a gateway for national and local law enforcement authorities to share information and access resources as part of their investigations.

Once the threat was identified, the FBI took the affected hardware offline and the vulnerability was “quickly patched,” according to the press release. Based on the investigation to date, it does not appear that the hackers were able to access FBI files.

“While the illegitimate email came from a server operated by the FBI, that server was dedicated to delivering notifications for LEEP and was not part of the FBI’s corporate email service,” the FBI said in an updated statement Sunday. “No actor has been able to access or compromise personal data or information [personally identifiable information] on the FBI network. Once we learned of the incident, we quickly fixed the vulnerability in the software, warned our partners to ignore the fake emails, and confirmed the integrity of our networks.”

The fake messages warned recipients that they were at risk of a “sophisticated chain attack,” according to screenshots shared on Twitter by the Spamhaus Project, a non-profit organization that tracks spam and other cyber threats. The emails name cybersecurity expert Vinny Troia as the perpetrator of the bogus attacks and falsely claim that he is associated with the hacking group The Dark Overlord, the same bad actors that leaked the fifth season of Orange Is the New Black. Troia’s firm, Night Lion Security, a computer security consultancy known for investigating the dark web and other cybercrime markets, published an investigative report on The Dark Overlord in January.

According to an investigation by the Spamhaus Project, the hackers sent the email alerts to addresses retrieved from the American Registry for Internet Numbers (ARIN) database. “Other collected emails not related to ARIN were also included in the handling of spam,” the organization tweeted Saturday. In a statement to Bleeping Computer, Spamhaus said the fake emails reached at least 100,000 inboxes, but that is probably a conservative estimate. Investigators believe “the campaign was potentially much, much bigger,” the Spamhaus Project told the outlet.

Troia speculated on Twitter that a person using the handle “@Pompompur_in” may be behind the hack. Speaking to Bleeping Computer, he said that this person had previously tried to smear him using similar tactics. More recently, they hacked into the website of the National Center for Missing Children and exploited it to publish an article accusing him of being a pedophile, he told the outlet.

Troia went on to say that Pompompurin sent him a message every time they launched a new smear campaign. To illustrate, he tweeted a screenshot of a DM the user sent on Friday night that simply says “enjoy.” The next day, around the same time that news of the attack on the FBI website began to spread, they messaged him again asking “did you appreciate?” before expressing displeasure that Troia had gained a following as a result of the incident.

A report from security reporter Brian Krebs also named Pompompurin as the possible culprit. According to Krebs, the individual sent him the following message from an FBI email address when the campaign began: “Hello, pompompurin. Check the headers of this email, it’s actually from the FBI server. I am contacting you today, as we have located a botnet hosted on your front, please take immediate action thank you.”

In a statement to Krebs, Pompompurin later said the attack was intended to shed light on obvious vulnerabilities in the FBI’s messaging systems. To send emails from a legitimate FBI email address, they said they exploited insecure code on the LEEP portal to hijack the confirmation email, containing a unique passcode, that is sent when someone applies for an account, which prior to this attack anyone could do simply by visiting the website.

This incident is the latest in a series of high-profile breaches of U.S. government networks in recent months. In May, President Joe Biden signed an executive order aimed at improving the country’s cyber defenses after devastating cyberattacks such as the SolarWinds hack and the ransomware campaign that paralyzed the Colonial oil pipeline.