The FBI has admitted that fake emails were sent from an official FBI account this Saturday morning before they took the hardware offline. We have learned that the email was estimated to have reached around 100,000 inboxes.
“The FBI is aware of an event this morning involving fraudulent emails from an @ic.fbi.gov account,” the FBI said in a press release.
“This is an ongoing problem, and we cannot provide anymore information at this time,” the comment continues. “The impacted hardware was removed after discovery of the problem. We continue to encourage the public to be cautious of unknown email senders and ask you to report any suspicious activity.”
Spamhaus has confirmed that around 100,000 accounts got the fake email sent from FBI servers.
International nonprofit, the Spamhaus Project, which “tracks cyber threats like phishing, malware and botnets,” spoke about the cybersecurity threat this Saturday.
“We have been told of ‘scary’ messages sent in the past few hours that supposedly come from the FBI and DHS. While these emails are being sent from FBI-owned infrastructure, our data shows these emails *are* fake,” their tweet reads.
“These fake messages are being sent to emails found in the ARIN database. They are causing fear because the headers are genuine, and they are truly coming from FBI infrastructure,” the organization said in a follow-up tweet. “They do not have name or contact info in the signature. Please beware!”
For anyone interested, here are the sanitised headers from the sample we got yesterday. pic.twitter.com/KhDluiMSZa
— Spamhaus (@spamhaus) November 14, 2021
Spamhaus tweeted a screenshot of the fake email, which mentioned the “extortion gang TheDarkOverlord.” “The Dark Overlord” is a global hacker group “which allegedly steals data and demands large ransoms be paid before it’s returned,” the Washington Post said.
We have previously reported on this hacker group, which claimed to have caused the theft and leak of TV shows from ABC and Netflix in 2017.
The fake emails claim that Vinny Troia, who released an investigation into the hacker group in 2020, was said to be the “threat actor.”
Troia responded on Twitter, “Should I be flattered that the people who hacked the FBI servers did so in my name?”
— Vinny Troia, PhD (@vinnytroia) November 13, 2021
Author: Scott Dowdy