Whoever did what
The most chilling comment, which I totally believe, is:
"I could've 1000% used this to send more legit looking emails, trick companies into handing over data etc. And this would've never been found by anyone who would responsibly disclose, due to the [nondisclosure] notice the feds have on their website."
The LEEP server is used by law enforcement and intelligence agencies. A request from the FBI for information will likely be acted upon without question.
And all because of yet another "misconfiguration" (assuming the FBI is being honest about that).
Biting the hand that feeds IT
