nanog mailing list archives
Re: strange scam? email claiming to be from the fbi
From: Jay Hennigan <jay () west net>
Date: Mon, 15 Nov 2021 09:09:02 -0800
Quite a bit of discussion on the outages mailing list. It was an exploited HTML form on the FBI site.
The text reminds me of the Turboencabulator data sheet.
Full body of the email:Our intelligence monitoring indicates exfiltration of several of your virtualized clusters in a sophisticated chain attack. We tried to blackhole the transit nodes used by this advanced persistent threat actor, however there is a huge chance he will modify his attack with fastflux technologies, which he proxies trough multiple global accelerators. We identified the threat actor to be Vinny Troia, whom is believed to be affiliated with the extortion gang TheDarkOverlord, We highly recommend you to check your systems and IDS monitoring. Beware this threat actor is currently working under inspection of the NCCIC, as we are dependent on some of his intelligence research we can not interfere physically within 4 hours, which could be enough time to cause severe damage to your infrastructure.Stay safe,U.S. Department of Homeland Security | Cyber Threat Detection and Analysis | Network Analysis Group
-- Jay Hennigan - jay () west net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV
Current thread:
- strange scam? email claiming to be from the fbi Glenn McGurrin via NANOG (Nov 15)
- Re: strange scam? email claiming to be from the fbi Bill Woodcock (Nov 15)
- Re: strange scam? email claiming to be from the fbi Christopher Morrow (Nov 15)
- Re: strange scam? email claiming to be from the fbi Richard (Nov 15)
- Re: strange scam? email claiming to be from the fbi Jay Hennigan (Nov 15)
- Re: strange scam? email claiming to be from the fbi Sander Steffann (Nov 15)
- Re: strange scam? email claiming to be from the fbi Glenn McGurrin via NANOG (Nov 16)
- Re: strange scam? email claiming to be from the fbi Michael Wayne (Nov 16)