Hackers have compromised an external email system of the FBI, a watchdog group that tracks spam and similar cyber threats announced on Nov. 13.
The messages came from a legitimate email address—[email protected]—from the Law Enforcement Enterprise Portal (LEEP), which is owned by the FBI and DHS, according to the group. However, it noted that “our research shows that these emails *are* fake.”
The agency stated that although the affected hardware was “taken offline quickly upon discovery of the issue,” the situation is an ongoing one, and it won’t be providing additional information for the time being.
“Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack,” the email reads. “We identified the threat actor to be Vinny Troia, whom is believed to be affiliated with the extortion gang TheDarkOverlord[.] We highly recommend you to check your systems and IDS monitoring.”
“These fake warning emails are apparently being sent to addresses scraped from ARIN database,” the group wrote. “They are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure. They have no name or contact information in the .sig. Please beware!
“From what other people are reporting, this was not limited to the ARIN database. Other, non-ARIN related harvested emails were included in the spam run.”
“Triple action: Convince people to shut things down just in case, while veracity is determined, character assassination of Vinny Troia who was mentioned in it, and flooding the FBI with calls,” the group wrote. “Or, as someone else said, ‘for the lulz.’ Maybe all of the above. Maybe something else!”
“Wow I can’t imagine who would be behind this. #thedarkoverlord aka @pompompur_in,” he wrote.
“The last time they [pompompurin] hacked the national center for missing children’s website blog and put up a post about me being a pedophile,” he said.
Troia also stated that the individual had contacted him a few hours before spamming the FBI email servers and that the individual tends to alert him when they’re about to discredit him.