Share this article on:
The website of the FBI’s biometric standards division was targeted by cyber criminals, causing outages.
A threat actor named “Mr Hamza” posted on Telegram claiming to have brought down the FBIBiospecs website, with a screenshot of the site showing a bad gateway error.
“We’re sorry…,” the site said.
“The page you are looking for had an error.”
According to a check-host.net screenshot by @cyberfeeddigest on X, the site was timing out at all server locations.
However, Cyber Daily has since observed the site is back online in Australia, and check-host.net shows that servers have returned to normal in most locations, except for Hong Kong, Mumbai, and Iran.
Mr Hamza did not explain the intentions for the alleged takedown but has a history of targeting the Israeli government and defence organisations.
According to FalconFeeds.io, Mr Hamza was one of three threat actors who launched 42 cyber attacks against Israeli organisations over the span of four days, from 29 September to 2 October.
The attack types were largely distributed denial-of-service (DDoS) and website defacement attacks, and victims included the Israeli Ministry of Defence and the Directorate of Defence Research and Development.
“These attacks, particularly the DDoS efforts, were likely intended to disrupt vital defense infrastructure and cause panic,” wrote FalconFeeds.io.
The FBI DDoS closely follows firewall access to an unnamed FBI subdivision being allegedly sold by a threat actor from the Hellcat ransomware group, which recently breached Schneider Electric last month.
Threat actor “miyako” listed the alleged access in a post to the forum, asking for US$2,000.
According to the listing, root access to a server hosting the firewall for the subdivision was for sale.
This listing, which was made on 14 December, has since been updated to say the access had been sold.
Cyber Daily has been unable to verify which subdivision the access was allegedly for, nor if the access is legitimate.