[Outages-discussion] [outages] not quite an outage, more a hack, "Urgent: Threat actor in systems" emails from FBI infrastructure
Jay Hennigan
jay at west.net
Sat Nov 13 22:21:08 EST 2021
On 11/13/21 08:11, Glenn McGurrin via Outages wrote:
[snip]
The body reads a bit like the data sheet for the Turbo-Encabulator.
> Full body of the email:
>
> Our intelligence monitoring indicates exfiltration of several of your
> virtualized clusters in a sophisticated chain attack. We tried to
> blackhole the transit nodes used by this advanced persistent threat
> actor, however there is a huge chance he will modify his attack with
> fastflux technologies, which he proxies trough multiple global
> accelerators. We identified the threat actor to be Vinny Troia, whom is
> believed to be affiliated with the extortion gang TheDarkOverlord, We
> highly recommend you to check your systems and IDS monitoring. Beware
> this threat actor is currently working under inspection of the NCCIC, as
> we are dependent on some of his intelligence research we can not
> interfere physically within 4 hours, which could be enough time to cause
> severe damage to your infrastructure.
> Stay safe,
> U.S. Department of Homeland Security | Cyber Threat Detection and
> Analysis | Network Analysis Group
> _______________________________________________
> Outages mailing list
> Outages at outages.org
> https://puck.nether.net/mailman/listinfo/outages
--
Jay Hennigan - jay at west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV