Hoax Email Blast Abused Poor Coding in FBI Website

Brian Krebs:

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

Remember when the FBI insisted they could be trusted with the keys to an encryption backdoor in iOS? Good times.

Monday, 15 November 2021