Unauthorized emails from a legitimate FBI address were sent to thousands of organizations after a cyberattack, was announced Saturday. More than 100,000 inboxes were hit with the emails appearing they came directly from the FBI and Department of Homeland Security. The emails came from the address email@example.com and were signed with the message “stay safe.” The emails told recipients that they were the target of a “sophisticated chain attack” from an extortion group known as the Dark Overlord. There was no malware attached to the emails. „We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity to ic3.gov or cisa.gov,” they said. “This is an ongoing situation and we are not able to provide any additional information at this time,” the FBI also specified in a statement. An investigation was launched.
The agency said the affected hardware was quickly taken offline after the issue was detected. At this time it is not yet clear whether the emails were sent by an individual with cleared access to the FBI servers or if hackers were involved. “Our telemetry indicates that there were two ‘spam’ waves, one shortly before 5 AM (UTC) [12.am. E.T.] and another one shortly after 7 AM (UTC) [2a.m. E.T.], the non-profit organization Spamhaus Project, based in Andorra and Switzerland, which tracks spam, said. Hackers have repeatedly targeted US government agencies in recent times. The FBI has multiple email systems and it is not the classified system that was compromised.