Notebookcheck Logo

The FBI's email system has been hacked, with thousands of fake messages sent

An FBI email system has been compromised by a hack, sending thousands of fake messages to random addresses. (Image source: Markus Spiske on Unsplash).
An FBI email system has been compromised by a hack, sending thousands of fake messages to random addresses. (Image source: Markus Spiske on Unsplash).
One of the FBI's email systems has been compromised, allowing bad actors to send thousands of messages falsely warning of a possible cybersecurity attack. The FBI has confirmed that it has now patched the software vulnerability which allowed the hack and that the attackers accessed no data.

Hackers have compromised a Federal Bureau of Investigation (FBI) email system, sending over 100,000 messages. The emails were sent to addresses on the American Registry for Internet Numbers (ARIN) database, with the message containing a warning about a possible cyberattack.

The messages claimed that they were sent by Vinny Troia, who they associated with The Dark Overlord, which is false. Vinny Troia is the owner of a cybersecurity firm and a hacking forensic investigator. The FBI has said that these fake messages appeared to have been sent from an official FBI address. One of the giveaways that these emails were fake was the sign-off; these messages were supposedly from the Department of Homeland Security. However, the FBI is part of the Department of Justice.

These fraudulent emails were sent from an FBI-operated server, usually used to push alerts to the Law Enforcement Enterprise Portal (LEEP). This platform allows the FBI to collaborate with local and state agencies. Hardware was affected by the attack, though the FBI has stated that it "was taken offline quickly upon discovery of the issue", and it has now fixed the software vulnerability that made the attack possible. The FBI has also confirmed that the bad actors did not access any data or personal information during the incident.

It has not yet been confirmed who the hacker was, though Troia, who was falsely implicated in the attack, has speculated that someone who goes by the name Pompompurin may be responsible. Reportedly, Pompompurin stated the following to Krebs on Security, around the time of the attack:

I could've 1000% used this to send more legit looking emails, trick companies into handing over data etc. And this would've never been found by anyone who would responsibly disclose, due to the notice the feds have on their website.

Buy the book The Cyber Effect on Amazon

Read all 2 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 11 > The FBI's email system has been hacked, with thousands of fake messages sent
Polly Allcock, 2021-11-15 (Update: 2021-11-15)