FBI System Hacked to Email "Urgent" Warning About Fake Cyberattacks

upstart writes:

FBI system hacked to email 'urgent' warning about fake cyberattacks:

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen.

The emails pretended to warn about a sophisticated chain attack" from an advanced threat actor known[sic], who they identify as Vinny Troia. Troia is the head of security research of the dark web intelligence companies NightLion and Shadowbyte

The spam-tracking nonprofit SpamHaus noticed that tens of thousands of these messages were delivered in two waves early this morning. They believe this is just a small part of the campaign.

[...] Researchers at the Spamhaus Project, an international nonprofit that tracks spam and associated cyber threats (phishing, botnets, malware), observed two waves of this campaign, one at 5 AM (UTC) and a second one two hours later.

The messages came from a legitimate email address - eims@ic.fbi.gov - which is from FBI's Law Enforcement Enterprise Portal (LEEP), and carried the subject Urgent: Threat actor in systems."

All emails came from FBI's IP address 153.31.119.142 (mx-east-ic.fbi.gov), Spamhaus told us.

The message warns that a threat actors[sic] has been detected in the recipients' network and has stolen data from devices.

Read more of this story at SoylentNews.