FBI own KRITIS contact platform hacked and data copied

19 December 2022
| No comments
B2B Cyber ​​Security ShortNews

Share post

The FBI's highly secured information exchange network "InfraGard" was hacked, the member data copied and now offered for sale on the dark web. The FBI's own KRITIS contact platform is intended to securely network 80.000 members for the exchange of information.

With InfraGard, the FBI maintains a program to build partnerships to share information about cyber and physical threats. However, this week suddenly more than 80.000 contact details of members of the InfraGard platform were for sale in a forum on the dark web. This is reported in an article on the krebsonsecurity.com platform. The curious thing: the hacker had set up an account on InfraGard with the identity of a CEO of the financial industry, which was also checked by the FBI itself.

Hack: 80.000 records are for sale

The cybercrime forum Breached has probably had a new feature since December 10, 2022: the user database of tens of thousands of InfraGard members, including names and contact information. The FBI's InfraGard information exchange network aims to be a vetted who's who of key individuals spanning both cyber and physical security at companies that manage most of the country's critical infrastructure. The KRITIS area includes drinking water and power supply companies, communications and financial services companies, transport and manufacturing companies, healthcare providers and nuclear energy companies.

In response to the information shared by KrebsOnSecurity, the FBI said it was aware of a potentially false account related to the InfraGard portal and was actively investigating the matter. For more information, Brain Krebs contacted the vendor of the InfraGard database, who uses the name "USDoD" on the forums and whose avatar is the US Department of Defense seal.

Price: $50.000 for the database

In the ensuing conversation, the user USDoD stated that he used the identity of a CEO to access. He was sure that this would give him access. A query from Brain krebs to the CEO in question revealed that the FBI never had a query and he was never contacted. After some time, the user USDoD simply received a release with access data from the FBI. The hacker is currently offering the data for $50.000. He wants to wait and see who is interested in it.

More at KrebsOnSecurity.com

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more

Short news
, , , , ,