The FBI appears to have been used as a pawn in a fight between hackers and security researchers. According to Bleeping Computer, the FBI confirmed that intruders who infiltrated its servers used the agency’s email servers in the early hours of November 13 to send fake messages claiming the recipients were against data breaches. The emails highlighted the untrue attacks on Vinny Troia, the head of dark web security firms NightLion and Shadowbyte.
The nonprofit intelligence organization Spamhaus quickly brought the fake messages to light. The attackers used legitimate FBI systems to carry out the attack, using email addresses from the American Registry for Internet Numbers (ARIN) database, among other sources. The fake emails reached more than 100,000 addresses in at least two waves.
The FBI described the attack as “an ongoing situation” and initially stated that it had no further details to share. It asked recipients of the email to report such messages to the bureau’s Internet Crime Complaint Center or the Cybersecurity and Infrastructure Security Agency. Troia told Bleeping Computer that she believes the perpetrators may be linked to “Pompomourin,” a person who attacked the researcher in the past.
Feuds between hackers and the security community are not new. In March, attackers exploiting Microsoft Exchange servers tried to implicate security journalist Brian Krebs by using a fake domain. However, it’s extremely rare for a government agency like the FBI to use real domain names as part of their campaign for such attacks.
52926
