The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network.
The federal law enforcement agency says it already contained the “isolated incident” and is working to uncover its scope and overall impact.
“The FBI is aware of the incident and is working to gain additional information,” the U.S. domestic intelligence and security service told BleepingComputer.
“This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”
on Friday that this was a hacking incident involving an FBI New York Field Office computer system used to investigate child sexual exploitation.
An FBI spokesperson was not immediately available for comment when BleepingComputer reached out earlier today to ask for more details.
FBI email servers hacked to push spam messages
In November 2021, the FBI’s email servers impersonating FBI warnings “sophisticated chain attack.”
After the hack, the threat actors sent tens of thousands of such spam messages in multiple waves from [email protected], a legitimate email address linked to the FBI’s Law Enforcement Enterprise Portal (LEEP).
While these emails have reached at least 100,000 mailboxes, according to spam-tracking nonprofit SpamHaus, this was a very conservative estimate since the campaign “was potentially much, much larger.”
”The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners,” the FBI said at the time.
“While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on FBI’s network.”