TeqGo.com
No Result
View All Result
No Result
View All Result
TeqGo.com
No Result
View All Result
Home Computer

Hacker Infiltrates FBI Portal, Lists Details of 87,000 Users for Sale

Staff by Staff
December 18, 2022
in Computer
0
Hacker Infiltrates FBI Portal, Lists Details of 87,000 Users for Sale
465
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


This site may earn affiliate commissions from the links on this page. Terms of use.

(Photo: Shahadat Rahman/Unsplash)
Hackers have exploited a security loophole within one of the FBI’s databases, resulting in tens of thousands of “high profile” individuals’ contact details being listed for sale on the dark web. The breach was discovered Wednesday after the infiltrators had already placed a $50,000 price tag on the stolen information.

KrebsOnSecurity, a security-focused news outlet, first identified the misdeed when it encountered a post on the cybercrime forum Breached. The post claims to offer the entirety of the FBI’s InfraGard for a “starting” price of $50,000 USD. “This will be sold one time only,” mysteriously writes the original poster, who goes by USDoD. “I like to conduct my business the same way that I conduct my life.”

InfraGard is a portal in which members of the FBI can communicate with “business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement.” According to the Infragard homepage, the portal is mainly used for information sharing and for education surrounding emerging threats. But in order to collaborate there, you have to have an Infragard profile—and the FBI’s own lack of robust security has made these profiles ripe for exploitation.

(Screenshot: KremsOnSecurity)

Apparently, InfraGard doesn’t have very stringent verification guidelines for new profile requests. “USDoD” is said to have simply used a real financial CEO’s details to apply for an account, then waited less than a month for approval. Once the hacker was in, they used a Python script to query InfraGard’s API, extracting 87,000 users’ contact information in the process. The CEO whose identity was stolen says the FBI never contacted him prior to the breach, meaning the allegedly “exclusive” InfraGard portal is so lax in its verification measures that it’s a wonder this didn’t happen sooner.

USDoD says their asking price may appear a bit high given some users’ email addresses, Social Security numbers, and dates of birth are missing from the list. The $50k asking price was supposedly a negotiation starter and not a final offer, according to a follow-up comment on the original post. USDoD says the sale, should they find an appropriate buyer, would be facilitated via the Breached administrator who goes by “Pompompurin.”

The FBI confirmed the breach earlier this week but has declined to publicly comment on the matter, saying only that the situation is “ongoing.”

Now Read:





Source link

Previous Post

Artists stage mass protest against AI-generated artwork on ArtStation

Next Post

Most popular stories on GeekWire for the week of Dec. 11, 2022 – GeekWire

Next Post
Most popular stories on GeekWire for the week of Dec. 11, 2022 – GeekWire

Most popular stories on GeekWire for the week of Dec. 11, 2022 – GeekWire

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Is it hard to be a Starbucks employee?

August 24, 2022
Battery-Powered Shoe Attachment Boosts Walking Speed by 250 Percent

Battery-Powered Shoe Attachment Boosts Walking Speed by 250 Percent

November 1, 2022

Trending.

What happened to Andrew Humphrey on Channel 4 weather?

August 24, 2022

Why is Ben Bailey leaving WDIV?

August 24, 2022

Who is the new weather man on Channel 4 Detroit?

August 24, 2022

What is a 100000 year period called?

August 23, 2022

Who recently left WDIV?

August 24, 2022
  • About us
  • Contact Us
  • Home
  • Privacy Policy and Disclaimer

© 2021-2023 Teqgo.com

No Result
View All Result
  • About us
  • Contact Us
  • Home
  • Privacy Policy and Disclaimer

© 2021-2023 Teqgo.com