Date: 2021-11-15

Hackers breach FBI’s external e-mail system

REVENGE?: Thousands of spam e-mails were sent from a breached account, smearing a cybersecurity expert who had penned a report on a hacking group

Bloomberg

Hackers on Saturday compromised the FBI’s external e-mail system and sent tens of thousands of e-mails from an agency account, warning about a possible cyberattack, according to the Spamhaus Project, which tracks spam and related cyberthreats.

The FBI, along with the US Cybersecurity and Infrastructure Security Agency, is “aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” the law enforcement agency said in a statement.

“This is an ongoing situation and we are not able to provide any additional information at this time,” the FBI said.

The FBI has multiple e-mail systems, and the one that appears to have been hacked is a public-facing one that agents and employees can use to e-mail with the public, said Austin Berglas, head of professional services at cybersecurity company BlueVoyant.

There is a separate system agents are required to use when transmitting classified information, Berglas added.

“This is not the classified system that was compromised,” said Berglas, who is also a former assistant special agent in charge of the FBI New York office’s cyber branch. “This is an externally facing account that is used to share and communicate unclassified information.”

The attacks started at midnight in New York, with a subsequent campaign beginning at 2am, Spamhaus said.

The nonprofit said it estimates that the spam messages ultimately reached at least 100,000 mailboxes.

The e-mails came with the subject line: “Urgent: threat actor in systems.”

The message was signed by the US Department of Homeland Security and warned recipients that the threat actor appeared to be cybersecurity expert Vinny Troia, who last year penned an investigation of the hacking group The Dark Overlord.

There was no malware attached to the e-mails, Spamhaus said.

The group speculated that the hackers could have been attempting to smear Troia or were staging a nuisance attack to flood the FBI with calls.

Troia did not respond to a request for comment.

The FBI urged people to be cautious and report any suspicious activity.