There is evidence that the FBI was used as a pawn in a battle between hackers and a security researcher. Earlier today (November 13th), the FBI confirmed that intruders broke into its email server to send fake alerts claiming recipients had experienced data breaches.
The emails blamed Vinny Troia, the owner of the dark web security companies NightLion and Shadowbyte, for the nonexistent attacks.
As soon as the bogus messages were discovered, Spamhaus, a non-profit intelligence organization, exposed them.
The attackers scraped email addresses from ARIN’s database, among other sources, and carried out the attack through legitimate FBI systems. The fake emails were sent to over 100,000 addresses in at least two waves.
In the beginning, the FBI didn’t have detailed information on the hack. The agency described it as an “ongoing situation.”
The agency asked email recipients to report these messages to its Internet Crime Complaint Center or the Cybersecurity and Infrastructure Security Agency.
Bleeping Computer reported that Troia believed the perpetrators were linked to “Pompompurin,” a persona that has attacked the researcher in the past.
Security professionals and hackers have long been at odds. In March, attackers exploiting Microsoft Exchange servers tried to use a rogue domain to implicate security journalist Brian Krebs.
Attackers tend not to use official government domains, like those of the FBI, for their campaigns. Doing so may work better than usual, since a lot of anxious IT administrators called the FBI; however, it might also prompt a particularly swift response from law enforcement – you don’t want to be a victim.