FBI spams thousands with fake infosec advice after 'software misconfiguration'

Looks like feuding hackers wanted to expose Feds' failings as a public service. We want to believe

The FBI has admitted that a software misconfiguration let parties unknown send legit-looking email from its servers.

A statement from the bureau, dated November 14, states the agency "is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails."

Spam-tracking service Spamhaus tweeted about the incident on November 13.

The mails contained a warning that FBI monitoring had detected "exfiltration of several of your virtualized clusters in a sophisticated chain attack" perpetrated by a chap named Vinny Troia, the founder of infosec firms named Shadow Byte Cyber and Night Lion Security.

There is no indication Troia had anything to do with the incident and The Register makes no suggestion he was in any way involved. However, an entity using the name and Twitter handle "@pompompur_in" appears to have told Krebs on Security they were behind the incident.

"I could've 1000% used this to send more legit looking emails, trick companies into handing over data etc.," Pompompurin told Krebs. "And this would've never been found by anyone who would responsibly disclose, due to the notice the feds have on their website."

Troia also appears to have attributed the incident to @pompompur_in.

For what it's worth, @pompompur_in's Twitter profile states it also operates a private account on the service with the handle @seds. The profile for that account reads: "Call me vinny troia the way I be selling DBs." Other @pompompur_in posts suggest bad blood between whoever operates the account and Troia.

Whoever was behind the attack, the FBI has admitted it was real and that a server it operates was used to send the mails. Another Spamhaus Tweet suggests that whoever got in was able to use the FBI server to send two spurts of mail, with around 100,000 messages making it out.

The server in question was part of LEEP, which the FBI describes as "a secure platform for law enforcement agencies, intelligence groups, and criminal justice entities [that] provides web-based investigative tools and analytical resources" for other law enforcement agencies.

"Users collaborate in a secure environment, use tools to strengthen their cases, and share departmental documents." Or at least that's what they do when they're not trying to figure out what "exfiltration of several of your virtualized clusters in a sophisticated chain attack" means.

But we digress.

The FBI explains that the server was "dedicated to pushing notifications for LEEP and was not part of the FBI's corporate email service", and that no data or personally identifiable information was accessed.

"Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks."

Unusually, the FBI's posts don't mention an investigation into the incident. Perhaps the Bureau's waiting for the weekend to end before trying to track down @pompompur_in. ®

Similar topics

Other stories you might like

  • Meg Whitman – former HP and eBay CEO – nominated as US ambassador to Kenya

    Donated $110K to Democrats in recent years

    United States president Joe Biden has announced his intention to nominate former HPE and eBay CEO Meg Whitman as Ambassador Extraordinary and Plenipotentiary to the Republic of Kenya.

    The Biden administration's announcement of the planned nomination reminds us that Whitman has served as CEO of eBay, Hewlett Packard Enterprise, and Quibi. Whitman also serves on the boards of Procter & Gamble, and General Motors.

    The announcement doesn't remind readers that Whitman has form as a Republican politician – she ran for governor of California in 2010, then backed the GOP's Mitt Romney in his 2008 and 2012 bids for the presidency. She later switched political allegiance and backed the presidential campaigns of both Hillary Clinton and Joe Biden.

    Continue reading
  • Ex-Qualcomm Snapdragon chief turns CEO at AI chip startup MemryX

    Meet the new boss

    A former executive leading Qualcomm's Snapdragon computing platforms has departed the company to become CEO at an AI chip startup.

    Keith Kressin will lead product commercialization for MemryX, which was founded in 2019 and makes memory-intensive AI chiplets.

    The company is now out of stealth mode and will soon commercially ship its AI chips to non-tech customers. The company was testing early generations of its chips with industries including auto and robotics.

    Continue reading
  • Aircraft can't land safely due to interference with upcoming 5G C-band broadband service

    Expect flight delays and diversions, US Federal Aviation Administation warns

    The new 5G C-band wireless broadband service expected to rollout on 5 January 2022 in the US will disrupt local radio signals and make it difficult for airplanes to land safely in harsh weather conditions, according to the Federal Aviation Administration.

    Pilots rely on radio altimeter readings to figure out when and where an aircraft should carry out a series of operations to prepare for touchdown. But the upcoming 5G C-band service beaming from cell towers threatens to interfere with these signals, the FAA warned in two reports.

    Flights may have to be delayed or restricted at certain airports as the new broadband service comes into effect next year. The change could affect some 6,834 airplanes and 1,828 helicopters. The cost to operators is expected to be $580,890.

    Continue reading

Biting the hand that feeds IT © 1998–2021