The FBI's email servers were hacked, and the attacker sent thousands of fake warnings in the FBI's name, telling recipients that they were the victim of a “sophisticated chain attack”. The emails were discovered by researchers at the Spamhaus Project, an international non-profit organization that monitors spam and related cyber threats (phishing, botnets, malware). They noticed tens of thousands of such messages, delivered in two waves on Saturday morning.
The emails arrived from a legitimate email address, [email protected], with the subject line “Urgent: Threat actor in systems”. They claim that Winnie Troy is behind the attack and also falsely state that Troy is connected to the infamous hacker group The Dark Overlord, which is responsible for leaking the fifth season of the series “Orange Is the New Black”. However, Troy is actually a prominent cyber security researcher who heads two dark web security companies, NightLion and Shadowbyte.
The message warns that the attackers were discovered in the network of the recipient and that they stole data from the device.
As reported by Bleeping Computer, the hacker sent emails to more than 100,000 addresses, all taken from the American Registry for Internet Numbers (ARIN) database. The hackers used the FBI’s public email system, which made the emails seem real. There is no doubt that the emails originated from FBI servers, because the message headers show that their origin was verified by the DomainKeys Identified Mail (DKIM) mechanism, which is part of the system Gmail uses to affix the brand logo to verified company emails.
The FBI responded to the incident with a press release, noting that the content of the emails was fake, that it was working to solve the problem, and that its help desk was overwhelmed with calls from concerned administrators. The agency said that the attacker took advantage of the configuration of the software used for sending emails, but did not access any data or personal information on the FBI network.
According to Bleeping Computer, the attack was probably carried out as an attempt to smear Troy. According to what he posted on Twitter, Troy suspects that a person using the name “pompompurin” initiated the attack. As Bleeping Computer notes, that same person has reportedly tried to damage Troy’s reputation in similar ways in the past.
According to him, the last time, pompompurin and his helpers hacked the blog of the National Center for Missing Children and posted an article claiming that Troy is a pedophile.
A couple of hours before the attack, pompompurin contacted Troy and wrote “enjoy”, probably as a warning that something was about to happen.
A report by renowned journalist and cyber security expert Brian Krebs also links pompompurin to the incident. A person presenting himself as pompompurin allegedly sent Krebs a message from the FBI’s email address when the attacks were launched. Krebs even got a chance to talk to that person, who claims that his goal was to point out security flaws in the FBI’s email system, and that he could have used emails that seemed even more convincing to trick companies into handing over data, but that this was not the goal.
Source: Informacija.rs by www.informacija.rs.