The cybersecurity media site KrebsOnSecurity first noticed the theft after coming across a thread about it on the underground hacker forum Breached. According to the advertisement, the FBI’s InfraGard may be yours for the “beginning” fee of fifty thousand dollars. The original commenter, who only identifies by USDoD, curiously states, “This will only be sold once and once only.” The way I live my life is how I prefer to run my company.
Representatives of the FBI may network with “corporate executives, businessmen, attorneys, uniformed officers, federal and military figures, IT experts, academics as well as state and local law officials” via the InfraGard platform. As stated on their webpage, Infragard is primarily utilized for disseminating knowledge and educating the public about new security concerns. You need an Infragard profile to work together, and since the FBI isn’t very good at protecting them, they’re vulnerable to abuse.
The hacker Employed a Python Code
It would seem that InfraGard’s validation standards for user profile applications are lax. The “USDoD” allegedly applied for an account using the information of a genuine financial CEO and received permission in under a month. After gaining access, the attacker deployed a Python code to InfraGard’s API and stole the contact details of 87,000 individuals. The Entrepreneur whose information was taken claims the FBI never approached him before the hack, suggesting that the InfraGard portal’s claims of exclusivity mask very low verification procedures.
With certain individuals’ email accounts, Social Security numbers, as well as birth information absent from the list, USDoD acknowledges that their pricing may seem exorbitant. In a follow-up remark on the first post, the $50k list price was only a starting point for discussions and not a firm offer. Pompompurin, the operator of Breach, has been tasked with facilitating the sale, the US Department of Defense has said. This week, the FBI acknowledged the intrusion but has not provided any more details beyond claiming the incident is “ongoing.”
