FBI spams thousands with fake infosec advice after 'software misconfiguration'

2021-11-15 02:30

The United States Federal Bureau of Investigation has admitted that a software misconfiguration let parties unknown send email from its servers.

A statement from the Bureau, dated November 14th, states that the agency "Is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal to send fake emails".

Whoever was behind the attack, the FBI has admitted it was real and that a server it operates was used to send the mails.

Another Spamhaus Tweet suggests that whoever got in was able to use the FBI server to send two spurts of mail, with around 100,000 messages making it out.

The following chart shows email traffic originating from the FBI mailserver involved.

The FBI explains that the server was "Dedicated to pushing notifications for LEEP and was not part of the FBI's corporate email service", and that no data or personally identifiable information was accessed.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/11/15/fbi_fake_emails/

#FBI #infosec #spam