InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.
This article is quite long and detailed, but the one thing they never quite do is establish exactly what Infragard is. I’ll let the FBI’s website explain.
InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard’s membership includes: business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement—all dedicated to contributing industry-specific insight and advancing national security.
InfraGard is essentially the purest example of the Corporate-State Complex that I have written about for quite some time. It’s a way for the FBI and powerful people in the corporate world to communicate, set up gay ops, and figure out the best way to oppress the American People. It’s also a way for them to accidentally on purpose collect information on all of you. For example, your ISP can tell them what sites you’ve gone to, your credit card company can tell them what you’ve purchased, YouTube/Google can tell them what videos you’ve watched, etcetera. All info that they cannot easily obtain legally they can get from these types. And they can accidentally on purpose give some info they’ve collected on you to these guys, who can then deny you service because LOLbertarianism is a complete and utter joke.
Now back to Krebson Security.
[The hacker whose InfraGard username was USDoD] said they gained access to the FBI’s InfraGard system by applying for a new account using the name, Social Security Number, date of birth and other personal details of a chief executive officer at a company that was highly likely to be granted InfraGard membership.
The CEO in question — currently the head of a major U.S. financial corporation that has a direct impact on the creditworthiness of most Americans — told KrebsOnSecurity they were never contacted by the FBI seeking to vet an InfraGard application.
USDoD told KrebsOnSecurity their phony application was submitted in November in the CEO’s name, and that the application included a contact email address that they controlled — but also the CEO’s real mobile phone number.
“When you register they said that to be approved can take at least three months,” USDoD said. “I wasn’t expected to be approve[d].”
But USDoD said that in early December, their email address in the name of the CEO received a reply saying the application had been approved (see redacted screenshot to the right). While the FBI’s InfraGard system requires multi-factor authentication by default, users can choose between receiving a one-time code via SMS or email.
“If it was only the phone I will be in [a] bad situation,” USDoD said. “Because I used the person[‘s] phone that I’m impersonating.”
Literally all these fat pedo retards had to do was call the CEO and verify that user “USDoD” was they claimed they were. But that was just way too much work for the trannies of colour at the FBI. Our enemies are lazy and stupid, but can seem formidable due purely to them controlling all the levers of power. As Jazz and Warren said on the last FTN, these people are playing the game on easy mode with the cheat codes turned on. That doesn’t make them good or even the slightest bit competent.
USDoD said the InfraGard user data was made easily available via an Application Programming Interface (API) that is built into several key components of the website that help InfraGard members connect and communicate with each other.
Are you fucking kidding me?
USDoD said after their InfraGard membership was approved, they asked a friend to code a script in Python to query that API and retrieve all available InfraGard user data.
Are. You. Fucking. Kidding. Me.
To prove they still had access to InfraGard as of publication time Tuesday evening, USDoD sent a direct note through InfraGard’s messaging system to an InfraGard member whose personal details were initially published as a teaser on the database sales thread.
Update, 10:58 p.m. ET: Updated the story after hearing from the financial company CEO whose identity was used to fool the FBI into approving an InfraGard membership. That CEO said they were never contacted by the FBI.
Update, 11:15 p.m. ET: The FBI just confirmed that it is aware of a potential false account associated with the InfraGard portal. The story now includes their full statement.
When I first saw this story I thought it was fake. It has since been confirmed by the FBI, and picked up by numerous uncensored propaganda outlets. It’s also not even the only hacking of the FBI done this week.
Russian hacker group KillNet has claimed to have infiltrated the FBI in a massive cyber-attack on the US security agency. The pro-Kremlin group has reportedly posted online claiming to have stolen the personal data of more than 10,000 US federal agents.
KillNet’s attack is as yet unverified but the group claim’s the data hacked includes social media passwords and bank details.
This one is unverified. The articles I read reference proof videos, but don’t link to them or even show screencaps. Even if we believe this story to be exaggerated, in November of 2021 the FBI had one of their servers hacked, so we have two confirmed hacks in the last 13 months.
The FBI’s email server was apparently hacked on Friday night to send threatening spam emails to over 100,000 people, the agency said.
The FBI confirmed the incident on Saturday, but said the hacked systems were “taken offline quickly,” after it had been reported.
“The FBI and CISA are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” the agency said in a statement. “This is an ongoing situation and we are not able to provide any additional information at this time.
“The impacted hardware was taken offline quickly upon discovery of the issue. We continue to encourage the public to be cautious of unknown senders and urge you to report suspicious activity ic3.gov or cisa.gov.”
That story is almost more ridiculous, since hacking into a server should be difficult if not outright impossible. The articles from 2021 give no explanation of how this was done, probably because it’s even more embarrassing than their total failure to so much as call the finance CEO before vetting “him.” But that’s just your modern FBI. A totally malicious and totally evil organization that bumbles its way around like a retarded bull in a China shop at the beck and call of the ADL.