Hackers sent at least 100K fake emails from FBI server, threat tracker says – National

Hackers sent at least 100,000 fake emails from the FBI’s mail server on Saturday, according to a threat tracking service.

The FBI confirmed the attack in a statement on Saturday and said it is still an “ongoing situation.”

“The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” the statement read.

“The impacted hardware was taken offline quickly upon discovery of the issue.”

The Spamhaus Project, a non-profit that tracks email cyber-threats, said in a statement that there were two emailing campaigns at 5 a.m. and 7 a.m. on Saturday.

According to its telemetry, Spamhaus believes at least 100,000 mailboxes were hit, but said, “the campaign was potentially much much larger.”

It said the recipient addresses seem to have been scraped from the American Registry for Internet Numbers (ARIN), which is also the internet registry for Canada.

The FBI did not say the reason behind the emails as it is an ongoing situation.

According to Spamhaus, the emails had the subject “Urgent: Threat actor in systems,” warned of a possible cyberattack and was signed Department of Homeland Security, though the FBI is part of the Department of Justice.

The emails also identified Vinny Troia as a “threat actor” associated with the hacking group The Dark Overlord.

In fact, Troia is the founder of the cybersecurity company Night Lion Security, which released a detailed report on The Dark Overlord in 2020.

Spamhaus said the emails could be a “character assassination” of Troia from the hacking group.

Night Lion’s report said the group, headed by 19-year-old Christopher Meinuer, was responsible for 30 per cent of non-credit card global data breaches between 2016 and 2020 and extorting Disney and Netflix in 2017.

Meinuer lives in Calgary, according to the report.