- Compromised FBI.gov email accounts sold for $40 on encrypted dark web channels
- Criminals use stolen government accounts to submit forged emergency data requests to tech businesses
- Sellers offer full SMTP, POP3 or IMAP credentials for complete account control
Cybersecurity researchers have raised concerns about the sale of compromised FBI.gov and other government email accounts on the dark web, and warned that the activity could enable malware campaigns on a large scale.
A report from Abnormal AI claims that these accounts are offered through encrypted messaging services such as Telegram and Signal, with some prices as low as $40.
In some cases, sellers have offered bundles containing several US government accounts, including those on FBI.gov domains, which carry a high level of credibility.
Hackers offer full access and high credibility
The cost of these accounts is relatively small, but the potential impact is significant because the accounts can be used to impersonate trusted authorities.
Once a purchase is made, typically using cryptocurrency, the buyer receives full SMTP, POP3 or IMAP credentials. This level of access allows control over the account from any email client, enabling the buyer to send messages, attach malicious files or access online platforms that require government verification.
Some ads encourage buyers to submit fraudulent emergency data requests.
These are modeled on the legitimate requests that law enforcement authorities issue in urgent situations where there is no time to secure a subpoena.
Technology companies and telecommunications providers are legally required to respond to valid requests, which means that a forged request can potentially lead to the disclosure of sensitive data, such as IP addresses, emails and telephone numbers.
Some criminal listings also promote access to official law enforcement portals, with some of these offers appearing even on mainstream platforms such as TikTok and X.
Stolen credentials are also marketed for their ability to unlock enhanced access to open-source intelligence tools such as Shodan and Intelligence X, which usually reserve premium functions for verified government users.
The methods used to obtain these accounts are often straightforward but effective.
An important approach is credential stuffing, in which attackers exploit the reuse of passwords across multiple platforms.
Another method involves infostealer malware, which is software designed to extract saved login credentials from browsers and email clients.
Targeted phishing and social engineering attacks are also common, with attackers crafting deceptive emails or messages that trick government employees into revealing login information or clicking on malicious links.
In general, these techniques focus on exploiting human and technical vulnerabilities rather than hacking sophisticated government systems directly.
That said, emails originating from domains such as .gov and .police tend to bypass many technical filters, and recipients are more likely to open their attachments or click embedded links.
This advantage increases the success rate of phishing attempts or the delivery of malware.
While compromised law enforcement accounts have been sold for years, researchers say there has been a recent shift toward marketing specific criminal use cases instead of just offering access.
The report describes this as a commoditization of institutional trust in which active and verified inboxes are reused for immediate fraudulent use.



