FBI system hacked to email ‘urgent’ warning about fake cyberattacks

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings that the recipients’ network was breached and data was stolen.

The emails pretended to warn about a “sophisticated chain attack” from an advanced threat actor, whom they identify as Vinny Troia. Troia is the head of security research of the dark web intelligence companies NightLion and Shadowbyte.

The spam-tracking nonprofit Spamhaus noticed that tens of thousands of these messages were delivered in two waves early this morning. They believe this is just a small part of the campaign.

Legitimate address delivers fake content

Researchers at the Spamhaus Project, an international nonprofit that tracks spam and associated cyber threats (phishing, botnets, malware), observed two waves of this campaign, one at 5 AM (UTC) and a second one two hours later.

The messages came from a legitimate email address – [email protected] – which belongs to the FBI’s Law Enforcement Enterprise Portal (LEEP), and carried the subject “Urgent: Threat actor in systems.”

All emails came from the FBI’s IP address 153.31.119.142 (mx-east-ic.fbi.gov), Spamhaus told us.

Fake cyber attack alert from legit FBI email address

The message warns that a threat actor has been detected in the recipients’ network and has stolen data from devices.

Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack. We tried to blackhole the transit nodes used by this advanced persistent threat actor, however there is a huge chance he will modify his attack with fastflux technologies, which he proxies trough multiple global accelerators. We identified the threat actor to be Vinny Troia, whom is believed to be affiliated with the extortion gang TheDarkOverlord, We highly recommend you to check your systems and IDS monitoring. Beware this threat actor is currently working under inspection of the NCCIC, as we are dependent on some of his intelligence research we can not interfere physically within 4 hours, which could be enough time to cause severe damage to your infrastructure.


Stay safe,

U.S. Department of Homeland Security | Cyber Threat Detection and Analysis | Network Analysis Group

Spamhaus Project told BleepingComputer that the fake emails reached at least 100,000 mailboxes. The number is a very conservative estimate, though, as the researchers believe “the campaign was potentially much, much larger.”

In a tweet today, the nonprofit said that the recipients were scraped from the American Registry for Internet Numbers (ARIN) database.

While this looks like a prank, there is no doubt that the emails originate from the FBI’s servers as the headers of the message show that its origin is verified by the DomainKeys Identified Mail (DKIM) mechanism.

Received: from mx-east-ic.fbi.gov ([153.31.119.142]:33505 helo=mx-east.fbi.gov)
envelope-from 
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=fbi.gov; s=cjis; t=1636779463; x=1668315463;
  h=date:from:to:message-id:subject:mime-version;
  bh=UlyBPHe3aElw3Vfnk/pqYLsBAoJGDFR1NyZFcSfpl5g=;
  b=N3YzXzJEbQCTJGh8qqjkYu/A5DTE7yoloPgO0r84N+Bm2ae6f+SxzsEq
   nbjnF2hC0WtiVIMMUVGzxWSiZjq1flEygQGI/JVjjk/tgVVPO5BcX4Os4
   vIeg2pT+r/TLTgq4XZDIfGXa0wLKRAi8+e/Qtcc0qYNuTINJDuVxkGNUD
   62DNKYw5uq/YHyxw+nl4XQwUNmQCcT5SIhebDEODaZq2oVHJeO5shrN42
   urRJ40Pt9EGcRuzNoimtUtDYfiz3Ddf6vkFF8YTBZr5pWDJ6v22oy4mNK
   F8HINSI9+7LPX/5Td1y7uErbGvgAya5MId02w9r/p3GsHJgSFalgIn+uY
   Q==;
X-IronPort-AV: E=McAfee;i="6200,9189,10166"; a="4964109"
X-IronPort-AV: E=Sophos;i="5.87,231,1631577600";
   d="scan'208";a="4964109"
Received: from dap00025.str0.eims.cjis ([10.67.35.50])
  by wvadc-dmz-pmo003-fbi.enet.cjis with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Nov 2021 04:57:41 +0000
Received: from dap00040.str0.eims.cjis (dap00040.str0.eims.cjis [10.66.2.72])
	by dap00025.str0.eims.cjis (8.14.4/8.13.8) with ESMTP id 1AD4vf5M029322
	for ; Fri, 
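
As an added example (not from the original article or from Spamhaus), this Python sketch parses the DKIM-Signature header shown above into the fields a responder would read: the DNS name of the signing key, the signing and expiry times, and whether From and Subject are covered by the signature. The b= value is replaced by a placeholder and no signature is verified; the From domain passed to summarize() is an assumption, since the sender address is redacted on this page, and the alignment test is a simplified subdomain match.

```python
import re
from datetime import datetime, timezone

# DKIM-Signature value copied from the headers above. The b= signature is
# replaced by a placeholder because this example does not verify it.
HEADER = """v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=fbi.gov; s=cjis; t=1636779463; x=1668315463;
  h=date:from:to:message-id:subject:mime-version;
  bh=UlyBPHe3aElw3Vfnk/pqYLsBAoJGDFR1NyZFcSfpl5g=;
  b=PLACEHOLDER"""

def parse_dkim(value):
    """Split an RFC 6376 tag=value list into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" not in part:
            continue
        name, val = part.split("=", 1)
        name = name.strip()
        # b= and bh= are base64 and may be folded across lines: drop whitespace.
        val = re.sub(r"\s+", "", val) if name in ("b", "bh") else val.strip()
        tags[name] = val
    return tags

def summarize(tags, from_domain):
    """Report what the signature covers, for a given (assumed) From domain."""
    sd, fd = tags["d"].lower(), from_domain.lower()
    signed = [h.strip().lower() for h in tags["h"].split(":")]
    utc = lambda s: datetime.fromtimestamp(int(s), tz=timezone.utc)
    return {
        # DNS TXT record that holds the public key for this selector
        "key_record": f'{tags["s"]}._domainkey.{tags["d"]}',
        "signed_at": utc(tags["t"]).isoformat(),
        "expires_at": utc(tags["x"]).isoformat(),
        # Headers listed in h= cannot be changed without breaking the signature
        "from_signed": "from" in signed,
        "subject_signed": "subject" in signed,
        # Simplified alignment: From domain equals d= or is a subdomain of it
        "aligned": fd == sd or fd.endswith("." + sd),
    }

if __name__ == "__main__":
    for key, value in summarize(parse_dkim(HEADER), "fbi.gov").items():
        print(f"{key}: {value}")
```

The t= value decodes to the same minute as the 04:57:41 +0000 hop in the Received header, which is consistent with the message being signed as it left the FBI relay. A valid signature identifies the signing infrastructure; it says nothing about whether the content was authorized.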

The Top Business Technology Trends for 2021-2022

With the new year just around the corner, the world of business is set to see great change. From 5G and the Internet of Things to the blockchain, new technology trends are creating a digital transformation for companies on a global level. In this article, we’ll take a look at the latest trends in technology to keep an eye out for in 2022 and beyond.

Top Technology Trends for Businesses in 2022

2022 Updates to ISO 27002

In 2022 there will be an update to the ISO 27002 supplementary standard (ISO 27002:2022). ISO 27002 is a reference guide for implementing the optional security controls listed in Annex A of ISO 27001. These controls help companies create an ISMS (information security management system) that complies with the Standard.

Examples of Proposed Changes

  • New controls including data leakage prevention and web filtering.
  • Restructuring, consolidation, or removal of existing controls.

While these updates will not have an immediate impact on the ISO 27001:2013 framework, they will provide added context and clarity for those seeking ISO/IEC 27001 certification in 2022, particularly as it relates to modern data security practices such as cloud security.

5G and the Internet of Things (IoT)

The impact of IoT on security in the workplace


5G’s future rests on software-defined networking (SDN), whose main concept is to decouple the infrastructure of wireless networks from expensive, closed hardware and shift it to an intelligent software layer running on commodity hardware.

Tom Canning, NetworkComputing.com

The 5G network represents the next generation of mobile communication. Its speed improvements alone are a revolution; 5G will take roughly one millisecond to respond to commands, whereas 4G can take up to 200 milliseconds.

The improved efficiencies offered by the 5G network will benefit businesses that rely on IoT (physical things connected to the internet). Self-driving vehicles, for example, rely heavily on IoT devices to navigate roadways and traffic. Property management and leasing companies are now using IoT devices to build and maintain smarter buildings that utilize connected HVAC infrastructure and automated door locks, thermostats, smoke detectors, and more.

Investing in the 5G network and expanding the use of IoT in business will also help to reduce a company’s carbon footprint. The reputation of a business is now, more than ever, heavily predicated on the practices and technology put in place to help reduce the harm that the operation inflicts on the environment and the climate.

With digital technology systems such as 5G and IoT, businesses can reduce their carbon footprint by up to 15% by 2030, according to an article published by Jens Malmodin and Pernilla Bergmark for the Atlantis Press.

Artificial Intelligence

AI has become integral to our daily lives through smartphones and their various applications, including artificial intelligence software such as Apple’s Siri and Google Assistant. McKinsey estimates that by 2024 AI-generated speech will be behind more than 50% of people’s interactions with computers.

With AI, your smartphone can be used to measure distances and to simulate the way that a piece
