A hacker reportedly using a fake email address posed as a chief executive of an American financial institution to gain bureau-approved access to FBI public-private cybersecurity forum InfraGard and is now selling details of its more than 80,000 members.
A posting on the BreachForums criminal site by a user with the handle “USDoD” offers a one-time sale for $50,000 of data the hacker says comes from InfraGard and includes 47,000 email addresses of its members.
The hacker, in an interview with independent cybersecurity reporter Brian Krebs, who broke the story Tuesday evening, described posing as a chief executive of a major corporation to con the FBI into granting admittance to the forum.
The FBI vets admittance to InfraGard, a mechanism for critical infrastructure executives and security personnel to comingle with feds and obtain government intelligence. The bureau says the forum, founded in 1996, offers “direct engagement with the FBI, other government agencies, and private sector experts at the local level.”
USDoD told Krebs the membership application included the real name and mobile number of the unidentified chief executive but a phony email address. InfraGard requires multifactor authentication to log on, but it allows users to choose between receiving a one-time code via SMS or email. The hacker chose email. “I wasn’t expected to be approve[d],” USDoD told Krebs.