Hackers Sent Thousands Of Spam Emails From FBI Server

Indian Hackers

Hackers have managed to use an FBI mail server to send spam messages. Therefore, filters did not recognize the emails as forgeries. It is still unclear why the emails were sent. The affected server has since been taken offline.

As Bloomberg writes, the spam emails were sent from an account with the domain “@ ic.fbi.gov”. Since the IP address from which the mails were sent matches the DNS entry of the domain, the sender was not forged. The messages were actually sent from an FBI server. In the spam mail with the subject “Urgent: Threat actor in systems”, companies were warned of an alleged attack. Since the recipients were not asked to provide any data or to visit a website, it is unclear what motivated the attackers wanted to pursue the spam mail.

Reputation damage could be the intention

It is conceivable that the hackers only wanted to damage the reputation of Vinny Troia, the head of security research at NightLion and Shadowbyte. He was portrayed as a threat in the mail. In total, more than 100,000 spam messages are said to have been sent to administrators around the world in two waves. The list of recipients was probably taken from the database of the American registration authority ARIN.

According to KrebsonSecurity, a vulnerability on the Law Enforcement Enterprise Portal (LEEP) website was used to send spam emails on behalf of the FBI. In a form, a code that is to be sent to the user by email was generated in the browser. The content of the mail could therefore be determined by the client itself.

As of now, the FBI has not disclosed any details about the incident. The agency has urged the public to exercise caution and report suspicious activity.