Hackers compromised a Federal Bureau of Investigation (FBI) email system on 13 November and sent tens of thousands of messages warning of a possible cyberattack, according to the agency and security specialists.
Fake emails appeared to come from a legitimate FBI email address ending in @ic.fbi.gov, the FBI said in a statement.
Although the hardware impacted by the incident “was taken offline quickly upon discovery of the issue,” the FBI said, “this is an ongoing situation.”
The hackers sent tens of thousands of emails warning of a possible cyberattack, threat-tracking organization Spamhaus Project said on its Twitter account.
A copy of an email posted by Spamhaus on Twitter showed a subject line of “Urgent: Threat actor in systems” and appeared to end with a sign-off from the Department of Homeland Security.
The FBI is part of the Department of Justice.
Bloomberg News reported the incident on 13 November.
Both the FBI and the Cybersecurity and Infrastructure Security Agency are aware of the incident, the FBI statement said.
The incident comes on the heels of a number of high-profile breaches of US government networks in recent months, including a Russia-based attack that compromised at least nine federal agencies, and a China-based hacking campaign so severe that the Cybersecurity and Infrastructure Security Agency had to issue a rare mandate for all government agencies to immediately update their software.
While it’s common for scammers to make it appear that they’re sending an email from someone else’s address, the emails’ metadata made it clear that they were sent from an FBI server, said Alex Grosjean, a researcher at the Spamhaus Project, a European nonprofit that monitors email spam.
The recipients of the emails appear to be the publicly listed administrators of websites listed on the American Registry for Internet Numbers, Grosjean said.
In an emailed statement, the FBI and the Cybersecurity and Infrastructure Security Agency indicated that an unauthorized person had accessed FBI infrastructure and said that the situation was ongoing.