An FBI e-mail server appears to have been hacked and used to send spam on behalf of the US Federal Police, reports BleepingComputer.
The e-mails that have been sent suggest that an available cyber attack has been carried out, probably by Vinny Troia. Troia is an American security seeker who is active in the fight against cyber criminals.
Within a few hours, several tens of thousands of similar emails were sent on Saturday, reports the non-profit organisation Spamhaus. The spam messages were sent with as sender [email protected] and with subject line ” threat actor in systems.”
In the fake message, “the FBI” warns that malicious persons have been detected on the recipient’s network and that data from the devices have been stolen.
The messages, as reported to ICIS, “could be used to send intelligence to Russia”, according to ICIS, and “we are not aware of any other Russian intelligence activity that may be of concern”.
Some of the emails were sent on 8 April and 1 May 2014 by the email address “paupaulh” . He used the same name and address but used the same email address. The email address was also used by Anthony Weiner in a series of alleged sex scandals. Weiner, who is connected to The New York Times, received at least $30 million in donations from the disgraced former congressman during the summer of 2013.
The ICIS sent more than 18,000 emails to and from Weiner through its service of the website www.icis.fbi.gov after it received a request from ICIS for its computer systems, the ICIS said. It said its work did not “exceed the standard legal limit of the service because of the technical quality to handle such requests”. “The use of technical means is not mandatory for compliance with our law, but it is a step forward and the actions needed to enable a better future.”
It seems to be a joke, although according to Spamhaus it is worrying that the mail comes from a real FBI server. Well, the FBI says it sent the package as a way to try and make the case for a Clinton to be confirmed as a U.S. senator on Capitol Hill, not as a voter.
The federal database that tracks mail is not even yet fully open to the public through a server that can’t find the real sender of the mail, a State Department official said.
The problem is this isn’t about state information. It’s about whether the FBI has any way to know who is sending mail and whether they’ve ever received it with an FBI server.
Some states offer mail verification, which is meant to be as simple as adding a phone number to an address book. But the problems were real because the data does not include the name of the sender or the state, and doesn’t take into account possible possible matchmaking between agents and registered mail order recipients, said Seth S. Smith, spokesman for the department.
Another problem is the data isn’t publicly available. Spamhaus reports that as of 2:53 p.m., it had so far not posted this data.
The FBI has informed counter-paging computer that they are aware of the fake emails and they are investigating the case. Meanwhile, the FBI is calling to be seen with e-mails that come from Unknown Sources. Possible hidden activities can be determined at www.ic3.gov and cisa.gov. The FBI is in the process of taking them up on their offer. But we don’t know exactly who did it — and they’re probably still conducting it.”
He added: “This is the perfect time to do things like this to be very proactive with counter-paging. What are you doing to protect yourself from someone who might be more open to an attempt to hack you?”
