On Saturday, hackers gained access to the Federal Bureau of Investigation’s external email system.
According to the Spamhaus Project, which tracks spam and associated cyber dangers, the hackers sent out tens of thousands of emails from an FBI email account warning about a possible cyberattack.
The FBI, along with the Cybersecurity and Infrastructure Security Agency, stated it is “aware of the issue this morning involving phony emails from a @ic.fbi.gov email address.”
“This is an ongoing situation and we are not able to provide any additional information at this time,” the FBI said in a statement.
According to Austin Berglas, head of professional services at the cybersecurity firm BlueVoyant, the FBI has various email systems, and the one that appears to have been hacked on Saturday is a public-facing one that agents and employees can use to correspond with the public. When sending classified information, agents are expected to use a separate email system, he said.
“This is not a classified system that was compromised,” said Berglas, a former assistant special agent in charge of the FBI’s cyber branch in New York. “This is an externally facing account that is used to share and communicate unclassified information.”
According to Spamhaus, the attacks began at midnight on Saturday in New York, with a follow-up effort starting at 2 a.m. According to the NGO, the spam emails ended up in at least 100,000 mailboxes.
“Urgent: threat actor in systems,” read the subject line of the emails. The email was signed by the US Department of Homeland Security, and it informed recipients that the threat actor appeared to be cybersecurity specialist Vinny Troia, who wrote an investigation into the hacker group The Dark Overlord last year.
These emails look like this:
Sending IP: 153.31.119.142 (https://t.co/En06mMbR88)
From: [email protected]
Subject: Urgent: Threat actor in systems pic.twitter.com/NuojpnWNLh
— Spamhaus (@spamhaus) November 13, 2021
According to Spamhaus, the emails did not contain any malware. The hackers could have been aiming to slander Troia or staging a nuisance attack to swamp the FBI with calls, according to the organization.
Consumers should be wary and report any suspicious activity, according to the FBI.