(The Post Millennial) – The FBI is now investigating an “ongoing situation” in which thousands of emails were sent by an outside party using the FBI’s own email servers.
The messages pretended to be from the US Department of Homeland Security (DHS), and all went out with the subject line: “Urgent: Threat actor in systems.” In the email body, recipients were told that they were being targeted by a chain attack by a hacker group identified in the emails as “Dark Overlord.”
The FBI released a statement early on Saturday advising the public of the situation. The FBI statement reads:
“The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account. This is an ongoing situation, and we are not able to provide any additional information at this time.”
“The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov.”
The statement was then updated Sunday, with an addendum that goes into further detail about the incident: “The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners.”
“While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network,” the updated statement reads. “Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.”
High-profile hacks have become more common over the past year or so. Just last month, in mid-October, a group of Russian hackers was linked to a shocking ransomware attack that crippled Sinclair Broadcast Group stations.
thepostmillennial.com/fbi-probes-cyber-attack-emails-sent-from-internal-server