Hours after initially acknowledging that a hack had taken place, after it was reported by the Spamhaus Project, one of the largest anti-spam groups, the FBI acknowledged on Sunday that fake emails were sent out from its server, but claimed that its network had not been entirely compromised.
Claiming that no one was able to access or compromise any data or personally identifiable information on its network, the Federal Bureau of Investigation explained that the illegitimate emails were sent from an FBI-operated server that is not part of the FBI’s corporate email service.
Austin Berglas of cybersecurity company BlueVoyant, former assistant special agent in charge of the FBI’s cyber branch in New York, explained earlier that the email system compromised by hackers is not one used for classified government information but an external account used to receive and transmit unclassified information.
According to the statement, that server was only used for pushing notifications from the Law Enforcement Enterprise Portal (LEEP), which is used solely to communicate with state and local law enforcement officials.
The agency confirmed on Saturday that a hacking incident had taken place involving tens of thousands of fake emails from an @ic.fbi.gov email account that included a message warning of a “sophisticated chain attack” with a subject line reading “Urgent: threat actor in systems”.
The email pointed to cybersecurity expert Vinny Troia, who is believed to be affiliated with the extortion gang TheDarkOverlord, as the threat actor.
Spamhaus stressed that no malware was attached to the emails.
Once FBI officials were made aware of the situation, they warned partners to disregard the fake emails and quickly remediated the software vulnerability, later confirming the integrity of the agency’s networks.