Apr 152019
 

Alex Johnson reports:

A nonprofit organization affiliated with the FBI confirmed that hackers breached the web servers of multiple chapters and published the names and addresses of hundreds of law enforcement personnel and thousands of other people online.

The hacked materials, which were released late last week and obtained Sunday by NBC News, include names, job descriptions, email addresses and, in some cases, street addresses of more than 23,000 people in multiple databases. More than 1,000 of the email addresses belong to the FBI.gov domain and the domains of other federal, state and local law enforcement agencies.

Read more on NBC News.

There’s a lot that’s creating buzz about this group of threat actors and their leaks, not the least of which is the reluctance of major media outlets to name the group or provide details on the leaked data.  DataBreaches.net has obtained the freely offered data dumps, and I assume that many other news outlets and non-news parties have also obtained the data by now.

So what are these threat actors really up to? Their claim over the weekend that “We demand freedom for Peter Levashov,” a convicted Russian spammer, may not appear to be credible at first blush, but Levashov is also a virus creator, and this group have also offered ransomware on their site — ransomware that others have declared not to be recognizable as the work of previously known ransomware creators.

As of this morning, Twitter appears to have suspended the group’s twitter account, but their web site is still online, with links to the data dumps that have concerned many.  Their most recent dump, which they described as”A list of people being watched by the FBI,”  contains more than 22,000 rows or entries with people’s first and last names, company, work area, and email address, appears to contain a lot of media people, but not nationally prominent people for the most part. So what does it mean that the FBI is “watching” them?  Is the FBI merely watching a lot of reporters as part of its usual activities, or are these people “special” somehow?  This database doesn’t quite make sense as described – at least, not yet.

Of course, the data of greatest concern (so far) have been the contact details (phone, work email) of those in agencies such as DHS,  TSA, the Secret Service, Capitol Police, etc. Anything that might increase the effectiveness of a phishing attack is necessarily concerning.

So what will today bring or this week? It’s hard to predict. It seems that the attackers wish to market data and have been creating interest in what they have to offer.  But what price will they ask for it, and what will the quality of their offering be?  I guess we’ll just have to wait and see.

 

Sorry, the comment form is closed at this time.