FBI email system hacked, thousands of fake emails sent to US law enforcement officials

Person wearing FBI hoodie sits at a computer
It's the latest in a line of attacks against various US government networks. Photo credit: Getty Images

Hackers compromised a Federal Bureau of Investigation (FBI) email system in the US over the weekend, sending tens of thousands of messages warning of a possible cyberattack, according to the agency and security specialists.

Fake emails appeared to come from a legitimate FBI email address ending in @ic.fbi.gov, the FBI said in a statement.

Thankfully for the bureau, no data or personal identifiable information was compromised or accessed on the network.

The hacker took advantage of a software misconfiguration that allowed them to leverage the Law Enforcement Enterprise Portal (LEEP) system, the FBI said.

LEEP is used to communicate with the bureau's state and local law enforcement partners.

"While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI's corporate email service," it said.

"No actor was able to access or compromise any data on the FBI's network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails and confirmed the integrity of our networks."

The hackers sent tens of thousands of emails warning of a possible cyberattack, threat-tracking organisation Spamhaus Project said on its Twitter account.

A copy of an email posted by Spamhaus showed a subject line of "Urgent: Threat actor in systems" and appeared to end with a sign-off from the Department of Homeland Security.

According to multiple media outlets the emails appeared to be an attempt to pin fake cyberattacks on Vinny Troia, who leads Night Lion Security, a cybersecurity firm specialising in the dark web.

It also made reference to a cybercriminal group called The Dark Overlord, which Night Lion had published research about earlier this year.

It's not the first time a cybersecurity expert has been targeted in such a way. Security journalist Brian Krebs was attacked in March by hackers exploiting issues with Microsoft Exchange servers to try and implicate him in wrongdoing.

The FBI attack is just the latest high-profile breach of a US government network in the last few months. That has included a Chinese-based campaign that forced all agencies to immediately update its software and a Russia-based attack that compromised nine federal agencies.

Newshub / Reuters