The FBI’s official email server gets spammed by spoofed emails

December 13, 2021

According to recent reports, the FBI’s email servers were hit by a cyberattack in which anonymous threat actors sent a wave of spam emails warning recipients about a false cyberattack incident that was allegedly under way.

According to the security analysts who first noticed the attack, the threat actors targeted the FBI’s email server for its public ticketing and alert system. The analysts alerted the FBI as soon as they detected the cyberattack; the domestic intelligence group, however, was already aware of the incident.

The incident is described as a cyberattack that flooded the FBI’s offices with emails and phone calls from concerned organisations seeking assistance with the alleged “attack”.

It was apparent from the start that the spam emails were fake attack alerts. What alarmed the intelligence group was that these spoofed messages had managed to get through its spam filters, including the SPF and DKIM security checks.

Although they passed the FBI’s cryptographic email security checks, the spam emails were evidently spoofed: they contained multiple grammar and spelling mistakes, something that a distinguished organisation like the FBI would never write and publish in a security alert.

Security analysts also highlighted that the cyberattack attempts to frame NightLion Security’s founder, Vinny Troia, as the mastermind: an observed copy of one of the poorly constructed spam emails claims that the founder was detected attempting to breach data from the FBI’s networks.

The claim, however, was refuted by another malware analyst in a tweet, who said that Vinny Troia had recently written a book about a hacking group named TheDarkOverlord. Shortly after the book’s publication, an unknown threat actor reportedly wiped ElasticSearch servers and left Troia’s name behind. His Twitter account was then hacked, along with his website.

Now, security analysts believe that the cyberattack against the FBI is linked to threats against Vinny Troia.

After confirming the attack, the FBI immediately took down the compromised server to prevent further spam messages and began investigating the incident. One analyst’s theory is that the threat actors may have found a vulnerability in the FBI’s servers and exploited it to send the spam messages.
