Several news outlets report that at least 100,000 people received spam emails allegedly from the FBI. The emails carried signatures of the U.S. Department of Homeland Security’s Cyber Threat Detection and Analysis Group. Intrestingly, because the FBI put the mentioned organization on stop more than two years ago. Those emails contained strange, technically confused messages about some upcoming attacks. For some reason they made references for cybersecurity writer Vinny Troia and a cybercriminal group called The Dark Overlord. Mentioned company published research on The Dark Overlord in January this year.
“The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails”. “While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service”, goes in update that FBI National Press Office published on November 14, 2021 .
FBI IT infrastructure uses LEEP to communicate with the state and local law enforcement partners of the FBI. The Federal Bureau of Investigations also added in an update that any data or PII on the FBI’s network spamers could not access or compromise. They quickly fixed the software vulnerability, warned partners to dismiss the fake emails, and verified the coherence of networks. The FBI has usual practice to warn American companies of cyber threats that attack particular companies or when threat actors employ new techniques.
International Threat Intelligence Organization that provides real time data on spam, botnets, malware source and phishing made own research. On their Twitter page they shared the fake email spam that spamers allegedly sent under disguise from the FBI. Those who received spam emails find themselves listed on the American Registry for Internet Numbers. The contacts consist of publicly listed administrators of websites, the company’s researcher Alex Grosjean explained.
Grosjean ensured that he did not detect any malicious software embedded in the emails. Instead he assumes it must have been just a prank to scare the recipients. And it’s not the first time someone pretends to be from some legitimate law enforcement. As CNN added in their report on fake FBI emails, in one incident last year hackers encrypted the phones of some people in Eastern Europe. They accused them of possessing illicit pornographic material and informed them that their personal information had been forwarded to the FBI. Hackers asked for $500 to unlock the phones.
Also this might mean a mere prank, cybersecurity specialists express their concerns that such kinds of incidents can easily mislead organizations to deal with fake threats while missing on an actual attack. Threat actors may pick up the scheme to make in this way some sort of pro-attack step.
About Adblockelite.xyz Adblockelite.xyz pop-ups can not open out of nowhere. If you have clicked some…
About Appcloud-center.com Appcloud-center.com pop-ups can not open out of nowhere. If you have actually clicked…
About Groopheetex.com Groopheetex.com pop-ups can not expose out of nowhere. If you have clicked on…
About Vidstreambox.com Vidstreambox.com pop-ups can not expose out of the blue. If you have actually…
About Mac-uptodate.com Mac-uptodate.com pop-ups can not introduce out of the blue. If you have actually…
About Taffetlervers.com Taffetlervers.com pop-ups can not expose out of the blue. If you have clicked…