News

FBI: US Federal Police Hacked

The negative headlines about cyberattacks are not dying down. On the contrary, one gets the feeling that there are more and more of them every year. However, the FBI is now almost a classic target for hackers worldwide. Now there was another attack on servers of the federal police of the United States of America. Obviously, the FBI got off lightly this time.

Vulnerability in the server

The hackers took advantage of a vulnerability in the server structure of the FBI to gain access to the mail account of the federal police. The hacker sent a large number of spam e-mails via the account. The content of the multiple e-mails sent was a warning about an imminent network attack. According to the experts at Spamhaus, a platform that works to combat spam, almost 100,000 such spam e-mails were sent. Each time, the senders were trusted e-mail accounts of the FBI. In view of the subject, which translates as “Urgent: Threat actor in systems”, many US citizens must have been afraid for their network security. It is precisely the authenticity of the sender that makes it clear how dangerous exploiting such a vulnerability can be.

Website as a loophole

But how did the unknown persons gain access to the FBI servers? In doing so, they are said to have simply made use of a leak on the website. Once they had gained access, they could easily send tens of thousands of spam mails after only a short time. This was made possible by a simple account at the “Loop Portal”. In the course of an account registration, the attackers received a confirmation e-mail, which they only had to rewrite by modifying the HTML code. Finally, they automatically sent the e-mail with the said content to the almost 100,000 US citizens.

Needless to say, the FBI is extremely uncomfortable with this incident, to say the least. After all, one does not want to be portrayed as vulnerable in public. The agency said about the incident to the online magazine Bleepingcomputer:

“The FBI is aware of a software misconfiguration that temporarily allowed an actor to use the Law Enforcement Enterprise Portal (Leep) to send spoofed emails”

Further, the U.S. Federal Bureau of Investigation went into more detail about the loopholes in its statement to Bleepingcomputer:

“Leep is the FBI’s IT infrastructure used to communicate with our state and local law enforcement partners. While the spoofed emails originated from a server operated by the FBI, that server was solely responsible for sending notifications for Leep and was not part of the FBI’s corporate email service.”

With its statements, the agency wants one thing above all: to reassure U.S. citizens. After all, it had simply not been possible to access data from the servers. According to the FBI, it was ensured within a very short time that the security leak is fixed.

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

Neue Antworten laden...

Basic Tutorials

Neues Mitglied

2,361 Beiträge 957 Likes

The negative headlines about cyberattacks are not dying down. On the contrary, one gets the feeling that there are more and more of them every year. However, the FBI is now almost a classic target for hackers worldwide. Now there was another attack on servers of the federal police of the United States of America. … (Weiterlesen...)

Antworten Like

Back to top button