FBI Website Exploit Leads To Spam-Blast 'From' FBI.gov (krebsonsecurity.com)
Long-time Slashdot reader davidwr brings news of "an exploit in the FBI's Law Enforcement Enterprise Portal web site that would let anyone send an email to any arbitrary recipient..."
Security researcher Brian Krebs reports: Late in the evening of November 12 ET, tens of thousands of emails began flooding out from the FBI address eims@ic.fbi.gov, warning about fake cyberattacks.
Around that time, KrebsOnSecurity received an email from the same email address. "Hi its pompompurin," read the message. "Check headers of this email it's actually coming from FBI server. I am contacting you today because we located a botnet being hosted on your forehead, please take immediate action thanks." A review of the email's message headers indicated it had indeed been sent by the FBI, and from the agency's own Internet address. The domain in the "from:" portion of the email I received — eims@ic.fbi.gov — corresponds to the FBI's Criminal Justice Information Services division (CJIS).
According to the Department of Justice... "CJIS systems are available to the criminal justice community, including law enforcement, jails, prosecutors, courts, as well as probation and pretrial services..."
In an interview with KrebsOnSecurity, Pompompurin said the hack was done to point out a glaring vulnerability in the FBI's system. "I could've 1000% used this to send more legit looking emails, trick companies into handing over data etc.," Pompompurin said.
Instead, Pompompurin apparently sent emails with the subject line, "Urgent: Threat actor in systems," with the body (apparently from eims@ic.fbi.gov) warning that "Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack...." The email then blames the real-world founder of two dark web intelligence companies (apparently the subject of a long-standing feud with Pompompurin's community), and ultimately closes with the words "Stay safe, U.S. Department of Homeland Security — Cyber Threat Detection and Analysis — Network Analysis Group."
The FBI issued a statement in response to the incident — saying "The impacted hardware was taken offline quickly upon discovery of the issue."
YOW! (Score:3)
I am hosting a BOTNET on my FOREHEAD! I must be smarter than I think.
Botnet is better than ... (Score:2)
Botflies [seeker.com]
or, heaven forbid, albino brain chiggers! [youtube.com]
Re: (Score:1)
I feel like I'm in a Toilet Bowl with a thumbtack in my forehead!!
I have a TINY BOWL in my HEAD
My forehead feels like a PACKAGE of moist CRANBERRIES in a remote FRENCH OUTPOST!!
The FALAFEL SANDWICH lands on my HEAD and I become a VEGETARIAN...
45 minutes later CYNDI LAUPER emerges wearing a BIRD CAGE on her head!
Noobs with modpoints, YOW! (Score:2)
Whoever modded my comment as troll should never get modpoints again because they clearly do not know what the fuck is going on in this thread. They should have their nerd card taken away from them and burned immediately.
(What IS going on here, for all the other noobs, is that I grep'd yow.lines for 'head' and posted all the vaguely relevant results)
(If you don't know what yow.lines is, get the fuck off my lawn)
Re: (Score:2)
I am hosting a BOTNET on my FOREHEAD! I must be smarter than I think.
I believe that they have created a new meme. If we're lucky, it'll replace "the goggles, they burn!" nonsense.
The Gestapo got hacked! (Score:1)
So (Score:3)
Did the FBI take down all affected systems or did they take down exactly the ones that were already proven to be affected and assume the rest are fine?
If it... (Score:2)
If it looks like a honey pot,
and sounds like a honey trap,
then it probably is a honey trap.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Trust the government (Score:2)
You know it makes sense...
Hire same Scripties (Score:1)
So it would appear that the FBI uses the same kiddies to generate the same old standard pile of highly vulnerable to misuse crap as everyone else.
In general this is a wattage problem. It only stands to reason that the FBI would be subjected to the same wattage problem as everyone else since they get their light-bulbs at the same store ...
Obligatory xkcd (Score:2)
https://xkcd.com/932/ [xkcd.com]