In the wake of hacking the Yahoo! e-mail account of Vice Presidential candidate Sarah Palin, Web sleuths and the Feds may have nabbed the perpetrator. Meanwhile, Associated Press reporters were apparently in e-mail conversation with the suspect even as authorities were attempting to track him down.
According to reports in Knoxville's Tennessean, Democrat State Representative Mike Kernell admitted that his son, David Kernell is being questioned by authorities in connection with the crime. The Secret Service and the FBI launched an official investigation on September 17.
Kernell, 20, is a student at the University of Tennessee-Knoxville. Rep. Kernell refused to disclose any further information about his son, including his whereabouts.
In a message on a Web site frequented by hackers, a poster who identified himself as 'rubico' explained how he cracked Palin's Yahoo! account. The hacker tracked Palin's Yahoo! e-mail address from materials posted in the media, and then used the 'password reset' function to get into the account.
By successfully answering the account security question, 'rubico' was able to gain exclusive control of Palin's e-mail by substituting his own password -- 'popcorn.' The stored security question was: "Where did you meet your husband?" The hacker used online search to glean background information on Palin, and eventually hit on "Wasilla High School."
Analysts, of course, note that such security questions are less than secure. The hacker continues in his message to express frustration over his inability to download all the material. He then posted the password to the board after leaving screen captures of a few messages, family pictures and the inbox on the Wikileaks Web site, and asks other hackers to check out the material.
Alarmed by the message, another anonymous message board member logged into the Palin account, changed the password again, then contacted the Palin family with the new password and a warning that someone had hacked the account.
Tracking the Hacker
After determining that 'rubico' had used a proxy server in an attempt to cover his tracks, it appears that the Ctunnel proxy service, operated by Gabriel Rumuglia, cooperated with FBI investigators to track the elusive IP address of the culprit by turning over IP cache records. The trail allegedly leads back to David Kernell.
It appears Kernell's YouTube, MySpace and e-mail addresses have been terminated; one email address began with 'rubico10.' Kernell apparently used variations on the 'rubico' handle on other Web groups he belongs to, such as a chess group and other e-mail accounts. Bloggers such as Michelle Malkin and the Register were instrumental in tracking down leads to the perpetrator and tracking the path of the hacker through a proxy service.
Other fallouts from the hack are continued allegations in major newspapers that Palin was violating ethics standards by using a private e-mail count to conduct state business and the refusal of the Associated Press to turn over e-mail communications with the hacker. Some Web sites posted the e-mail addresses of Palin's family members and even posted Crystal Palin's cell phone number.
The hacker Web site that 'rubico' posted on, 4Chan.org, was most recently in the news when some members coordinated an online information blitz and attack on the Church of Scientology.