1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • FBI cyberthreat sharing portal has member data stolen

    From TechnologyDaily@1337:1/100 to All on Wed Dec 14 19:15:03 2022
    FBI cyberthreat sharing portal has member data stolen

    Date:
    Wed, 14 Dec 2022 18:59:30 +0000

    Description:
    Hacker posed as a real CEO to create an account in InfraGard and steal users' information.

    FULL STORY ======================================================================

    An FBI cybersecurity portal has been hacked, with contact information on thousands of its members leaked on an illicit cybercriminal forum.

    More than 80,000 users on the InfraGard portal are thought to have now had their contact information leaked, with hackers messaging members directly under an account posing as an FBI vetted CEO in finance.

    InfraGard works with businesses to share information relating to cyberattacks and other threats. CEO posing

    Names and contact information of these members went up for sale on Breached,
    a new cybercriminal forum.

    InfraGard vets its members, comprised of key people at cybersecurity
    companies that are contracted to handle the security of national
    institutions, such as water, utilities, transport, healthcare and nuclear energy. The aim is to educate both the FBI and firms on cybersecurity threats by exchanging information.

    In responding to the matter, the FBI stated that This is an ongoing
    situation, and we are not able to provide any additional information at this time.

    KrebsOnSecurity made contact with the seller on Breached, who claimed that they applied for an InfraGard account under the guise of a real CEO of a
    major creditworthiness firm.

    They used their name, social security number, email address (which they also claimed they hacked) and phone number to fill out the application. The real CEO told KrebsOnSecurity that they never received contact from the FBI about the application.

    Although not expecting to be accepted, the hacker received an email from InfraGard in early December that said they had indeed been approved.

    InfraGard require multi-factor authentication , but users can choose to receive a one-time code by email instead of SMS. The hacker said that had
    they been forced to use only a phone, they would have been thwarted since
    they used the real phone number of the CEO, which they didn't have access to. read more

    The FBI is launching a cryptocurrency crime unit



    RaidForums hacking forum seized by police, owner arrested



    FBI says Apple's new encryption launch is "deeply concerning"

    To actually steal the database, they claimed they simply exploited an API in the portal that helps members connect to one another. They used a Python script to retrieve the data from it, which contained every user's
    information.

    Although the information they obtained is rather basic and in some instances incomplete, the hacker claimed that their real motive was to continue posing as a CEO and contact other InfraGard members, perhaps in the hopes of extracting more sensitive information.

    The administrator of the Breached forum is Pompompurin, who has a history
    with the FBI. Last year , they exploited a vulnerability in another information sharing portal between the agency local law enforcements, gaining access to send copious amounts of spam emails from legitimate FBI email addresses and IPs. Here are our recommendations for the best endpoint protection software



    ======================================================================
    Link to news story: https://www.techradar.com/news/fbi-cyberthreat-sharing-portal-has-member-data- stolen


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)