Hackers compromise FBI email system, send thousands of messages

Hackers have compromised a Federal Bureau of Investigation email system and sent tens of thousands of messages warning of a possible cyber attack, according to the agency and security specialists.

Fake emails appeared to come from a legitimate FBI email address ending in @ic.fbi.gov, the FBI said in a statement on Saturday.

Although the hardware impacted by the incident “was taken offline quickly upon discovery of the issue,” the FBI said.

“This is an ongoing situation and we are not able to provide any additional information at this time,” the FBI said in a statement.

The FBI has multiple email systems, and the one that appears to have been hacked on Saturday is a public-facing one that agents and employees can use to email with the public, according to Austin Berglas, head of professional services at the cybersecurity company BlueVoyant. “There’s a separate email system agents are required to use when transmitting classified information”, he said.

“This is not the classified system that was compromised,” said Berglas, who is also a former assistant special agent in charge of the FBI’s New York office cyber branch. “This is an externally facing account that is used to share and communicate unclassified information.”

The attacks started at midnight Saturday in New York with a subsequent campaign beginning at 2 a.m., according to Spamhaus. The nonprofit said it estimates the spam messages ultimately reached at least 100,000 mailboxes.

The emails came with the subject line: “Urgent: threat actor in systems.” The message was signed by the U.S. Department of Homeland Security and warned recipients that the threat actor appeared to be cybersecurity expert Vinny Troia, who last year penned an investigation of the hacking group The Dark Overlord.

Both the FBI and Cybersecurity and Infrastructure Security Agency are aware of the incident, the FBI statement said.

Bloomberg/Nnenna.O