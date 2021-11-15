The emails warned recipients that they had been compromised by a data breach

The US Federal Bureau of Investigation (FBI) had its email servers compromised by hackers, who used it to send warnings about a non-existent attack. The emails accused Vinny Troia, head of security research at NightLion and Shadowbyte, of perpetrating the attack.



We have been made aware of "scary" emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake.

As per Bleeping Computer, Spam tracking non-profit organisation, SpamHaus, noticed two waves of emails that were sent out early in the morning of the attack. They also said that this was part of a larger campaign.

The message warned recipients of an orchestrated attack, one that had compromised their systems and stolen data. The email also singled out Troia and said that he was believed , "to be affiliated with the extortion gang TheDarkOverlord."

SpamHaus told the publication that the mails had reached 100,000 mailboxes at least. They also said that the number was an estimate and “the campaign was potentially much, much larger.”

The FBI has confirmed the breach and said that they were working on resolving the issue as fast as they could. They also said that their helpdesk's were flooded with calls from worried administrators.

While the messages were from a server under the FBI, they told the publication that the machine was not connected to corporate mail and did not include any personally identifiable data or contacts. The agency said that the hackers used a software configuration to gain access to the system.