An email server of the US Federal Bureau of Investigation (FBI) has come under a cyber attack, the Spamhaus Project, which tracks spam and cyber threats, says.
“The following chart shows email traffic originating from the FBI mailserver (http://mx-east-ic.fbi.gov | 22.214.171.124) involved. You can clearly see the two spikes caused by the fake [cyber attack] warning last night,” Spamhaus said on Twitter, posting a picture of the activity graph.
According to Spamhaus, the emails with the fake warning from the Department of Homeland Security (DHS) were sent out to addresses “scraped” from the American Registry for Internet Numbers (ARIN) database.
“While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake,” Spamhaus said, saying that the emails “are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure.”
In a later tweet, Spamhaus said that other reports suggest that the Saturday hacking attack was not limited to one database.
“Other, non-ARIN related harvested emails were included in the spam run,” Spamhaus said.
Spamhaus Project told BleepingComputer that the fake emails reached at least 100,000 recipients and that the number of affected mailboxes was likely much larger.
The FBI said in a statement on Saturday that it was “aware of the incident this morning involving fake emails from an @ic.fbi.gov email account.”
No further details were provided, but the FBI specified that the impacted hardware was taken offline quickly upon discovery of the issue.