There have been reports of spam mail being sent under the name of the FBI domain (fbi.gov). The e-mail was sent by a hacker for a vulnerability in the FBI system, and the FBI has already taken a response by taking the server offline.
According to the FBI, there have been instances of fake emails being sent from the email address @ic.fbi.gov. Security blog KrebsOnSecurity, which received the e-mail, contacted pompompurin, leading to testimonies that it had been hacked to point out system vulnerabilities. According to him, LEEP (Law Enforcement Enterprise Portal), a malicious service provided by the FBI to a resource beneficial to law enforcement and law enforcement agencies, allows anyone to register a user, and at this time, the one-time password was leaked from the FBI site’s HTML code.
Editing the request sent to the browser and rewriting the message subject and body fields, I succeeded in sending an email to myself from that email (eims@ic.fbi.gov). Afterwards, he created a simple script, replaced the parameters with his own, and sent fake messages to thousands of email addresses.
It is said that the content of the message in this case was that the founder of a security company (Shadowbyte) was attacking the FBI. As it is reported to the hacking community that hacks websites and security researchers do wrong, it is pointed out that Source One is a member of the hacking community. Related information can be found here.
Add comment