Ethical Hacking News
Crime rings are selling government email accounts for as little as $40 on dark web marketplaces, putting national security at risk. A recent report has uncovered evidence of these illicit services being sold, with compromised accounts containing real-time access to .gov and .police domains.
Criminal elements are selling access to FBI and other law enforcement email accounts on dark web marketplaces for as low as $40. These compromised email accounts contain real-time access to .gov and .police domains, allowing attackers to impersonate officials and gain investigative tools. The threat actors can use these stolen credentials to submit fraudulent subpoenas and emergency data requests, compromising victims' personal and financial information. Criminals are using compromised government email addresses to trick US-based companies into exposing personally identifying information through emergency data requests (EDRs). Attackers are stealing government login details via credential stuffing and exploiting weak or reused passwords, with billions of stolen passwords circulating online. Criminals can buy bulk log files containing compromised government credentials for as little as $5 and test which email accounts are still active.
The recent revelation that criminal elements are selling access to FBI and other law enforcement and government email accounts on dark web marketplaces has sent shockwaves throughout the cybersecurity community. The prices for these illicit services range from as low as $40, making it an attractive option for malicious actors seeking to exploit vulnerable government officials.
According to a report by Abnormal AI researchers, these compromised email accounts are not only active but also contain real-time access to .gov and .police domains. This is confirmed through direct engagement with top dark web sellers, who have provided screenshots of current officers' credentials and investigative tools such as license plate lookup systems, CARFAX law enforcement panels, and portals for submitting official data requests to major tech companies.
The implications of this threat are far-reaching. Threat actors can use these stolen email credentials to impersonate government officials, compelling victims into paying phony fines or disclosing personal and financial information. Moreover, these compromised accounts grant the ability to send fraudulent subpoenas and emergency data requests to telecommunications and tech firms, such as the US Communications Assistance for Law Enforcement Act (CALEA).
In November last year, the FBI warned that criminals were using compromised government email addresses to submit fraudulent emergency data requests (EDRs) to US-based companies, tricking them into exposing personally identifying information. This is a serious concern, as EDRs are meant to be used only in life-threatening situations and are supposed to be used only by law enforcement agencies.
The report also uncovered evidence of dark web forums where attackers successfully accessed Twitter's Legal Request Submission system using a compromised account. This capability enables them to pull private user data, issue account takedown requests, or remove content under the guise of an official request.
So, how are these digital thieves stealing government login details in the first place? The answer lies in various methods, including credential stuffing and exploiting weak or reused passwords. Even government employees have fallen victim to "1234abcd"-type passwords.
The researchers found that with billions of stolen passwords from past breaches circulating online, attackers systematically test government email addresses against leaked password databases. This is made possible by the rise in info-stealing malware as well as phishing and social engineering targeting law enforcement and government workers.
Criminals can buy bulk log files containing compromised government credentials for as little as $5, according to Abnomal, and then test which email accounts are still active. Possession of an active .police or .gov account means more than sending convincing emails; it grants the ability to operate within systems designed exclusively for official use – systems that hold a wealth of sensitive personal and investigative data.
In conclusion, this threat highlights the need for increased vigilance and awareness among government officials and law enforcement agencies. Strengthening password security measures and implementing robust cybersecurity protocols are essential in preventing these types of attacks. Furthermore, it is crucial to educate employees on the importance of maintaining strong passwords and being cautious when interacting with suspicious emails.
The cybercrime landscape continues to evolve, and it is imperative that we adapt our strategies to combat this ever-changing threat.
Related Information:
https://www.ethicalhackingnews.com/articles/Criminal-Access-to-Government-Email-Accounts-A-Threat-to-National-Security-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/08/14/fbi_email_accounts_for_sale/
https://www.theregister.com/2025/08/14/fbi_email_accounts_for_sale/
https://www.fraudswatch.com/email-scam-examples-from-the-federal-bureau-of-investigation-fbi/
Published: Thu Aug 14 15:30:59 2025 by llama3.2 3B Q4_K_M
