The FBI's highly secured information exchange network "InfraGard" was hacked, the member data copied and now offered for sale on the dark web. The FBI's own KRITIS contact platform is intended to securely network 80.000 members for the exchange of information.
With InfraGard, the FBI maintains a program to build partnerships to share information about cyber and physical threats. However, this week suddenly more than 80.000 contact details of members of the InfraGard platform were for sale in a forum on the dark web. This is reported in an article on the krebsonsecurity.com platform. The curious thing: the hacker had set up an account on InfraGard with the identity of a CEO of the financial industry, which was also checked by the FBI itself.
Hack: 80.000 records are for sale
The cybercrime forum Breached has probably had a new feature since December 10, 2022: the user database of tens of thousands of InfraGard members, including names and contact information. The FBI's InfraGard information exchange network aims to be a vetted who's who of key individuals spanning both cyber and physical security at companies that manage most of the country's critical infrastructure. The KRITIS area includes drinking water and power supply companies, communications and financial services companies, transport and manufacturing companies, healthcare providers and nuclear energy companies.
In response to the information shared by KrebsOnSecurity, the FBI said it was aware of a potentially false account related to the InfraGard portal and was actively investigating the matter. For more information, Brain Krebs contacted the vendor of the InfraGard database, who uses the name "USDoD" on the forums and whose avatar is the US Department of Defense seal.
Price: $50.000 for the database
In the ensuing conversation, the user USDoD stated that he used the identity of a CEO to access. He was sure that this would give him access. A query from Brain krebs to the CEO in question revealed that the FBI never had a query and he was never contacted. After some time, the user USDoD simply received a release with access data from the FBI. The hacker is currently offering the data for $50.000. He wants to wait and see who is interested in it.