The FBI found itself tangled this weekend in a settling of scores between a hacker and a cybersecurity researcher. One of its servers has been hacked and used to send fake e-mails warning about an alleged security breach.
This weekend, a hacker showed how dated one of the FBI’s servers is. The hacker was able to use a simple script to alter the way a web page works and send a bogus email en masse. This message, which appears to come from the FBI, warns administrators that their systems have been compromised.
The message was sent to more than 100,000 e-mail addresses extracted from the American regional internet registry (ARIN). The bogus message, which claims to come from the FBI, attempts to discredit Vinny Troia, a cybersecurity researcher who heads the dark web intelligence firms NightLion and Shadowbyte. The message appears genuine since it was sent from an IP address and an e-mail address belonging to the FBI, which was inundated with calls from worried administrators.
FBI registration server implicated
According to the specialist Brian Krebs, the flaw is reportedly due to a portal open to registrations, which sends a code by e-mail to confirm the address. However, the server seems particularly dated, since the code, along with the entire confirmation email, is generated in the browser and sent to the server (via the POST method). A simple script was enough to replace the text of the confirmation email with the fake alert message, then automatically send it to a list of addresses.
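As an added illustration (not code from the FBI portal or from the article), the Python sketch below contrasts the flawed pattern described above with a handler that accepts only the address from the POST and produces the code and the message text on the server. The function names, sender address, address check and in-memory store are all assumptions.

```python
import re
import secrets
from email.message import EmailMessage

SENDER = "noreply@portal.example"   # placeholder sender (assumption)
# Deliberately strict address check: no whitespace, CR/LF or list separators
ADDR_RE = re.compile(r"[^@\s,;<>]+@[^@\s,;<>]+\.[^@\s,;<>]+")
pending = {}                        # address -> code; stand-in for a database


def vulnerable_confirmation(form):
    """Flawed pattern: subject and body (code included) arrive in the POST."""
    msg = EmailMessage()
    msg["From"], msg["To"] = SENDER, form["email"]
    msg["Subject"] = form["subject"]      # client-controlled
    msg.set_content(form["body"])         # client-controlled
    return msg


def hardened_confirmation(form):
    """Trust only the address; everything else is generated server-side."""
    addr = form.get("email", "")
    if not ADDR_RE.fullmatch(addr):
        raise ValueError("invalid address")
    code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, never sent by client
    pending[addr] = code                       # kept for later verification
    msg = EmailMessage()
    msg["From"], msg["To"] = SENDER, addr
    msg["Subject"] = "Confirm your registration"          # fixed template
    msg.set_content(f"Your confirmation code is {code}.")  # fixed template
    return msg


# Constructed sample POST in which the client supplies its own subject and body
SAMPLE_POST = {
    "email": "admin@example.org",
    "subject": "Constructed subject from client",
    "body": "Constructed body text from client",
}

if __name__ == "__main__":
    print(vulnerable_confirmation(SAMPLE_POST)["Subject"])
    print(hardened_confirmation(SAMPLE_POST)["Subject"])
```

With the hardened handler, extra fields in the request have no effect on what is mailed, and a production portal would additionally rate-limit requests per source.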
According to Vinny Troia, the culprit is an individual known by the nickname Pompompurin, for whom this is not a first attempt. Last time, he infiltrated the US national site for missing children and published an article accusing Vinny Troia of pedophilia. The FBI has since claimed to have corrected the flaw and indicated that the hacker had no access to confidential data.