Hackers broke into the FBI’s email servers and sent fake emails to some recipients from an @ic.fbi.gov address, which is an official address. The US federal police have confirmed the intrusion.
Hacking targets FBI servers
“The FBI and CISA are aware of the incident involving fake emails from an account at @ic.fbi.gov,” their statement said. “This is an ongoing situation and we cannot provide any additional information at this time,” they added, noting that “the affected material was taken offline quickly after the problem was discovered.” Both groups encourage the public to beware of unknown senders.
According to information from Spamhaus, a large number of fake emails were sent in two waves early Saturday from an address on a government corporate law enforcement portal used by many government agencies.
Some of the messages, sent on behalf of the Department of Homeland Security’s cyber-attack detection group, were titled: “Urgent, your systems are under threat”. The emails attempted to blame the non-existent attacks on Vinny Troia, the head of NightLion and Shadowbyte, dark web security companies.
To date, the FBI says it is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is the FBI’s IT infrastructure used to communicate with state and local law enforcement partners. Although the illegitimate email originated from a server operated by the FBI, that server was dedicated to sending notifications for LEEP and was not part of the FBI’s corporate email service. Furthermore, no actor was able to access or compromise any data or personally identifiable information on the FBI network.