The Federal Bureau of Investigation’s (FBI) email servers were targeted by hackers. The attack was uncovered by The Spamhaus Project, a non-profit organization that investigates email spammers.

It was revealed that the hackers sent out hundreds of messages that claimed that the victims were targets of a “sophisticated chain attack.”

Additionally, the emails claimed that Vinny Troia was associated with the hacking group and behind these attacks. However, Troia is a cybersecurity researcher who runs two dark web security companies, NightLion and Shadowbyte.

The email referred to the Dark Overlord, a notorious international hacker group behind various ransomware attacks that steals data and demands big ransoms for its return.

This is the same group that allegedly stole students’ records in several U.S. states. In the past, a British man was also sentenced to prison for his active role in the hacking group.

Troia said the following in an email:

These are very childish actions intended to discredit me for putting out a report which exposed his identity and involvement in several other hacking groups including the dark overlord, gnostic players, and shiny hunters.

According to a report by Bleeping Computer, the hackers sent out emails to over 100,000 email addresses. These email addresses were stolen from the American Registry for Internet Numbers (ARIN) database.

According to another report by Bloomberg, hackers also utilized the FBI’s public-facing email system to ensure that the emails seemed more legitimate. Kevin Beaumont has confirmed that the emails have a legitimate appearance, as their headers are authenticated as coming directly from FBI servers.

The FBI also responded to the incident via an official press release. They said that it is an ongoing investigation and that the impacted hardware was immediately taken offline. The FBI refused to disclose any other piece of information.

According to Bleeping Computer, this spam campaign was an attempt to defame Troia. While expressing his thoughts on the matter, Troia speculates that an individual named “Pompompurin” may have launched this attack.

Austin Berglas, a former assistant special agent in charge of the FBI’s New York office cyber branch, has said:

“It could have just been a group or individuals looking to get some street cred to tout on underground forums. I would think that it would be some sort of criminal group or some sort of ‘hacktivist’ group,” rather than a coordinated state-backed attack. The compromised system was an unclassified server used by FBI personnel to communicate outside of the organization, and the hackers didn’t appear to have gained access to internal databases containing state secrets or classified information.

Brian Krebs, a computer security reporter, confirms a connection between the individual Pompompurin and the incident. He says that he received a message from the attacker who was using an FBI email address. The attacker said that he wanted to reveal the security vulnerabilities within the FBI’s email systems.