FBI’s email system hacked, sends out fake cybersecurity warnings

The Federal Bureau of Investigation’s email servers were hacked and used to send out thousands of dummy messages. Bleeping Computer reported that the fake email tells recipients they have become the victims of a sophisticated chain attack. The Spamhaus Project, a nonprofit organization that investigates email spammers, was the first to expose these emails.

The hackers managed to send these out to over 100,000 addresses, which were all scraped from the database of the American Registry for Internet Numbers. Adding to the messages’ legitimate look, the hackers used the FBI’s public-facing email system, and the headers were authenticated as coming from FBI servers using DomainKeys Identified Mail (DKIM), the process that’s part of the system Gmail uses to stick brand logos on verified corporate emails.

In a press release, the FBI said only that it is an ongoing situation, that the impacted hardware has already been taken offline, and that it doesn’t currently have any more information it can divulge.

According to Bleeping Computer, the spam campaign was likely carried out by an individual who goes by the name “Pompompurin” as an attempt to defame Troia. The same person has allegedly tried to damage Troia’s reputation in similar ways in the past. Pompompurin also claims that the hack was meant to highlight the security vulnerabilities within the FBI’s email systems.

The individual said that they exploited a security gap on the FBI’s Law Enforcement Enterprise portal. With a one-time password embedded in the page’s HTML, they managed to sign up for an account. From there, Pompompurin claims they were able to execute a massive spam campaign by manipulating the sender’s address and email body.
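The two weaknesses described above (a one-time password returned inside the page, and a sender address and body taken from the client) can be contrasted with a hardened flow. This is an added sketch, not code from the FBI portal or from the article; every name, address and timeout in it is a constructed assumption.

```python
import hashlib, hmac, secrets, time

OTP_TTL = 300                               # assumed validity window, seconds
FIXED_SENDER = "noreply@portal.example"     # constructed address
_pending = {}                               # email -> (sha256(code), expiry)
outbox = []                                 # stands in for the mail channel

def _new_code(email):
    code = f"{secrets.randbelow(10**6):06d}"
    digest = hashlib.sha256(code.encode()).digest()
    _pending[email] = (digest, time.time() + OTP_TTL)  # store only the hash
    return code

def start_signup_flawed(email):
    """Flawed pattern: the code is echoed back inside the page's HTML."""
    code = _new_code(email)
    return f'<form><input type="hidden" name="otp" value="{code}"></form>'

def start_signup(email):
    """Hardened: the code leaves only through the mail channel."""
    code = _new_code(email)
    outbox.append((FIXED_SENDER, email, f"Your code: {code}"))
    return '<form><input name="otp" autocomplete="one-time-code"></form>'

def verify(email, submitted, now=None):
    """Single use (a wrong guess burns the code), expiring, constant time."""
    digest, expiry = _pending.pop(email, (b"", 0.0))
    now = time.time() if now is None else now
    guess = hashlib.sha256(submitted.encode()).digest()
    return hmac.compare_digest(digest, guess) and now < expiry

def build_notification(account_email, post_fields, template_id):
    """Sender and body are chosen server-side; any 'from' or 'body'
    keys in the client's POST fields are deliberately ignored."""
    templates = {"confirm": "Please confirm your account request."}
    if template_id not in templates:
        raise ValueError("unknown template")
    return {"from": FIXED_SENDER, "to": account_email,
            "body": templates[template_id]}
```

In the flawed variant anyone who can read the page source holds a valid code without controlling the mailbox, which is why the hardened variant keeps the secret out of every HTTP response.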

With that kind of access, the attack could’ve been much worse than a false warning that put system administrators on high alert. Earlier this month, President Joe Biden mandated a bug fix that calls for civilian federal agencies to patch any known threats. Last May, in the wake of detrimental attacks on the Colonial Pipeline and SolarWinds, Biden signed an executive order that aims to improve the nation’s cyber defenses.