Security News
On Saturday, spam tracker Spamhaus tweeted that it had learned of "scary" emails being sent purportedly from the FBI and Department of Homeland Security. Though the emails were sent from a portal owned by the FBI and DHS, Spamhaus said that the messages themselves were fake.
The Spamhaus Project, a European nonprofit that monitors email spam, detected the exploit and tweeted about it early Saturday morning, saying that "We have been made aware of 'scary' emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS, our research shows that these emails *are* fake." "Hi its pompompurin. Check headers of this email it's actually coming from FBI server. I am contacting you today because we located a botnet being hosted on your forehead, please take immediate action thanks."
The United States Federal Bureau of Investigation has admitted that a software misconfiguration let parties unknown send email from its servers. A statement from the Bureau, dated November 14th, states that the agency "is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal to send fake emails".
The U.S. Federal Bureau of Investigation on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "sophisticated chain attack." "Vinny Troia wrote a book revealing information about hacking group TheDarkOverlord. Shortly after, someone began erasing ElasticSearch clusters leaving behind his name. Later his Twitter was hacked, then his website. Now a hacked FBI email server is sending this," Hutchins tweeted.
Well-known email tracking organisation Spamhaus, which maintains lists of known senders of spam and scams, is warning of a fraudulent "FBI/Homeland Security" alert that has apparently been widely circulated to network administrators and other IT staff in North America. The alert is headed "Urgent: Threat actor in systems" and states: "Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack."
The Federal Bureau of Investigation email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen. The emails pretended to warn about a "sophisticated chain attack" from an advanced threat actor, whom they identify as Vinny Troia.
The Federal Bureau of Investigation warned private industry partners of attempts by an Iranian threat actor to buy stolen information regarding US and worldwide organizations. According to the FBI, the threat actor will likely use the leaked data bought from clear and dark web sources to breach the systems of related organizations.
The FBI's Cyber Division said in a private industry notification issued earlier this week that ransomware gangs have hit several tribal-owned casinos, taking down their systems and disabling connected systems. Limited cyber investigative capabilities and law enforcement resources are likely some of the reasons ransomware groups see US tribes as desirable targets, according to the FBI. Ransomware gangs that coordinated attacks against tribal communities include REvil, Bitpaymer, Ryuk, Conti, Snatch, and Cuba.
The Federal Bureau of Investigation warns that victims of various fraud schemes are increasingly asked by criminals to use cryptocurrency ATMs and Quick Response codes, making it harder to recover their financial losses. "The FBI has seen an increase in scammers directing victims to use physical cryptocurrency ATMs and digital QR codes to complete payment transactions," the federal law enforcement agency said.
The Federal Bureau of Investigation warns that ransomware gangs are targeting companies involved in "time-sensitive financial events" such as corporate mergers and acquisitions to make it easier to extort their victims. "The FBI assesses ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections," the federal law enforcement agency said.