The Federal Bureau of Investigation (FBI) email servers were hacked on Saturday and sent tens of thousands of messages warning of a possible cyberattack.
Researchers at the Spamhaus Project, an international nonprofit that tracks spam and associated cyber threats (phishing, botnets, malware), observed two waves of this campaign, one at 5 AM (UTC) and a second one-two hours later.
The messages came from a legitimate email address – [email protected] – which is from FBI’s Law Enforcement Enterprise Portal (LEEP), and carried the subject “Urgent: Threat actor in systems.”
All emails came from the FBI’s IP address 153.31.119.142 (mx-east-ic.fbi.gov).
A copy of an email posted by Spamhaus on Twitter showed a subject line of “Urgent: Threat actor in systems” and appeared to end with a sign-off from the Department of Homeland Security.
These emails look like this:
— Spamhaus (@spamhaus) November 13, 2021
Sending IP: 153.31.119.142 (https://t.co/En06mMbR88)
From: [email protected]
Subject: Urgent: Threat actor in systems pic.twitter.com/NuojpnWNLh
The FBI confirmed that the content of the emails is fake and that they were working on solving the issue as their helpdesk is flooded with calls from worried administrators.
