News & Information for Technology Purchasers NewsFactor Sites:     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
APC Free White Paper
Optimize your network investment &
Enter to win a Samsung Galaxy Note
Network Security
24/7/365 Network Uptime
Average Rating:
Rate this article:  
Suspect Nabbed in Palin E-mail Hack
Suspect Nabbed in Palin E-mail Hack

By Steve Bosak
September 20, 2008 9:22AM

    Bookmark and Share
In a message on a Web site frequented by hackers, a poster who identified himself as 'rubico' explained how he cracked Sarah Palin's Yahoo! e-mail account. The hacker tracked Palin's e-mail address from materials posted in the media, then used the password reset function to access the account, gaining exclusive control of Palin's e-mail.

In the wake of hacking the Yahoo! e-mail account of Vice Presidential candidate Sarah Palin, Web sleuths and the Feds may have nabbed the perpetrator. Meanwhile, Associated Press reporters were apparently in e-mail conversation with the suspect even as authorities were attempting to track him down.

According to reports in Knoxville's Tennessean, Democrat State Representative Mike Kernell admitted that his son, David Kernell is being questioned by authorities in connection with the crime. The Secret Service and the FBI launched an official investigation on September 17.

Kernell, 20, is a student at the University of Tennessee-Knoxville. Rep. Kernell refused to disclose any further information about his son, including his whereabouts.

Not-So-Secure Security

In a message on a Web site frequented by hackers, a poster who identified himself as 'rubico' explained how he cracked Palin's Yahoo! account. The hacker tracked Palin's Yahoo! e-mail address from materials posted in the media, and then used the 'password reset' function to get into the account.

By successfully answering the account security question, 'rubico' was able to gain exclusive control of Palin's e-mail by substituting his own password -- 'popcorn.' The stored security question was: "Where did you meet your husband?" The hacker used online search to glean background information on Palin, and eventually hit on "Wasilla High School."

Analysts, of course, note that such security questions are less than secure. The hacker continues in his message to express frustration over his inability to download all the material. He then posted the password to the board after leaving screen captures of a few messages, family pictures and the inbox on the Wikileaks Web site, and asks other hackers to check out the material.

Alarmed by the message, another anonymous message board member logged into the Palin account, changed the password again, then contacted the Palin family with the new password and a warning that someone had hacked the account.

Tracking the Hacker

After determining that 'rubico' had used a proxy server in an attempt to cover his tracks, it appears that the Ctunnel proxy service, operated by Gabriel Rumuglia, cooperated with FBI investigators to track the elusive IP address of the culprit by turning over IP cache records. The trail allegedly leads back to David Kernell.

It appears Kernell's YouTube, MySpace and e-mail addresses have been terminated; one email address began with 'rubico10.' Kernell apparently used variations on the 'rubico' handle on other Web groups he belongs to, such as a chess group and other e-mail accounts. Bloggers such as Michelle Malkin and the Register were instrumental in tracking down leads to the perpetrator and tracking the path of the hacker through a proxy service.

Other fallouts from the hack are continued allegations in major newspapers that Palin was violating ethics standards by using a private e-mail count to conduct state business and the refusal of the Associated Press to turn over e-mail communications with the hacker. Some Web sites posted the e-mail addresses of Palin's family members and even posted Crystal Palin's cell phone number.

The hacker Web site that 'rubico' posted on,, was most recently in the news when some members coordinated an online information blitz and attack on the Church of Scientology.

Tell Us What You Think


Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
Where Do Web Sites Stand, Post-Heartbleed?
A security firm says the vast majority of Web sites have patched themselves to protect against the Heartbleed bug, but now there are questions raised on the reliability of open-source programs.

NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | Small Business | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.