米 FBI のシステムが第三者に不正に悪用され、外部に大量のスパムメールを送信
The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners. While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.
On November 13, 2021, the FBI.gov domain was used to send out hoax emails to tens of thousands of people regarding Night Lion’s ongoing investigation into The Dark Overlord hacking group. The purpose of the email was to apparently discredit Night Lion & Shadowbyte’s founder, Vinny Troia, claiming that I am a member of that group.
I was initially warned of the attack around 10 pm EST on November 12 when user PomPompurin contacted me via direct message on Twitter to say “Enjoy”. I knew immediately an attack was coming as he typically likes to (sadistically) give me a heads-up right before they stage some sort of attack on me.