Hackers breach FBI email server

Follow RT on The Federal Bureau of Investigation has confirmed it is aware and actively looking into reports about tens of thousands of fake cyber-attack warnings sent from one of their official email accounts.

The emails warning of a “sophisticated” cyber security threat were first flagged on Saturday by cyber security experts on social media, forcing the FBI to publicly confirm the agency was “aware of the incident this morning involving fake emails from an @ic.fbi.gov email account.”

“This is an ongoing situation and we are not able to provide any additional information at this time,” the FBI said in a statement to Nexstar, adding that the public should report any “suspicious” emails from “unknown senders.”

These emails look like this:Sending IP: 153.31.119.142 (https://t.co/En06mMbR88)From: ei[email protected]: Urgent: Threat actor in systems pic.twitter.com/NuojpnWNLh

— Spamhaus (@spamhaus) November 13, 2021

The email system hackers appear to have gained access to is one used by agents and officials with the department to communicate with the public, according to a report from Bloomberg, which would mean it is not a system hosting classified emails. 

The following chart shows email traffic originating from the FBI mailserver (https://t.co/En06mMbR88 | 153.31.119.142) involved. You can clearly see the two spikes caused by the fake warning last night. Timestamps are in UTC. pic.twitter.com/vPKvzv74gW

— Spamhaus (@spamhaus) November 13, 2021

The Spamhaus Project, an organization focusing on “spam, phishing, botnets and malware sources,” first reported on the “scary” emails, providing an example and explaining the convincing part is the fact that the hackers behind the false messages have access to official headers and they are coming from “FBI infrastructure.”

Tens of thousands of bogus warnings were reportedly sent out as part of the cyberattack.

I asked the FBI for comment. Here's what they said: "The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account. This is an ongoing situation and we are not able to provide any additional information at this time." https://t.co/9ZO8poygDC

— briankrebs (@briankrebs) November 13, 2021

Like this story? Share it with a friend!

Leave a Reply

Your email address will not be published. Required fields are marked *