FBI Confirms Hack Sent More Than 100,000 Fake Emails

FBI Confirms Hack Sent More Than 100,000 Fake Emails FBI Confirms Hack Sent More Than 100,000 Fake Emails (Mandel Ngan/AFP via Getty Images)

By Eric Mack | Sunday, 14 November 2021 11:33 AM

The FBI has confirmed its email system has been hacked, with spam email being sent to more than 100,000 people warning of a cyber attack.

The email messages were rambling and incoherent, filled with technological nonsense, security officials told the New York Post.

The emails appeared from addresses ending @ic.fbi.gov, the FBI wrote in a statement.

The systems were "taken offline quickly upon discovery of the issue," according to the FBI.

"This is an ongoing situation," the statement added.

The Spamhaus Project tweeted:

"We have been made aware of 'scary' emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake."

Spamhaus, a European-based nonprofit, also tweeted a copy of one of the emails, showing a subject line of "Urgent: Threat actor in systems," including a Department of Homeland Security signature at the bottom.

The FBI and Cybersecurity and Infrastructure Security Agency are aware of the breach.

The emails warned famed hacker Vinny Troia of Night Lion Security and TheDarkOverlord cybersecurity group have compromised information of the recipients.

"The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account," the FBI statement read.

"We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity ic3.gov or cisa.gov."

The emails purportedly came from the U.S. Department of Homeland Security's Cyber Threat Detection and Analysis Group, which has not existed for years, according to the Post.

TheDarkOverlord has been tied to an attempted ransomware attack on Netflix in 2017, where stolen videos were sharing unreleased content, the Post reported.

Original Article