HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / Suspect Nabbed in Palin E-mail Hack
Suspect Nabbed in Palin E-mail Hack
Suspect Nabbed in Palin E-mail Hack
By Steve Bosak / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
20
2008
In the wake of hacking the Yahoo! e-mail account of Vice Presidential candidate Sarah Palin, Web sleuths and the Feds may have nabbed the perpetrator. Meanwhile, Associated Press reporters were apparently in e-mail conversation with the suspect even as authorities were attempting to track him down.

According to reports in Knoxville's Tennessean, Democrat State Representative Mike Kernell admitted that his son, David Kernell is being questioned by authorities in connection with the crime. The Secret Service and the FBI launched an official investigation on September 17.

Kernell, 20, is a student at the University of Tennessee-Knoxville. Rep. Kernell refused to disclose any further information about his son, including his whereabouts.

Not-So-Secure Security

In a message on a Web site frequented by hackers, a poster who identified himself as 'rubico' explained how he cracked Palin's Yahoo! account. The hacker tracked Palin's Yahoo! e-mail address from materials posted in the media, and then used the 'password reset' function to get into the account.

By successfully answering the account security question, 'rubico' was able to gain exclusive control of Palin's e-mail by substituting his own password -- 'popcorn.' The stored security question was: "Where did you meet your husband?" The hacker used online search to glean background information on Palin, and eventually hit on "Wasilla High School."

Analysts, of course, note that such security questions are less than secure. The hacker continues in his message to express frustration over his inability to download all the material. He then posted the password to the board after leaving screen captures of a few messages, family pictures and the inbox on the Wikileaks Web site, and asks other hackers to check out the material.

Alarmed by the message, another anonymous message board member logged into the Palin account, changed the password again, then contacted the Palin family with the new password and a warning that someone had hacked the account.

Tracking the Hacker

After determining that 'rubico' had used a proxy server in an attempt to cover his tracks, it appears that the Ctunnel proxy service, operated by Gabriel Rumuglia, cooperated with FBI investigators to track the elusive IP address of the culprit by turning over IP cache records. The trail allegedly leads back to David Kernell.

It appears Kernell's YouTube, MySpace and e-mail addresses have been terminated; one email address began with 'rubico10.' Kernell apparently used variations on the 'rubico' handle on other Web groups he belongs to, such as a chess group and other e-mail accounts. Bloggers such as Michelle Malkin and the Register were instrumental in tracking down leads to the perpetrator and tracking the path of the hacker through a proxy service.

Other fallouts from the hack are continued allegations in major newspapers that Palin was violating ethics standards by using a private e-mail count to conduct state business and the refusal of the Associated Press to turn over e-mail communications with the hacker. Some Web sites posted the e-mail addresses of Palin's family members and even posted Crystal Palin's cell phone number.

The hacker Web site that 'rubico' posted on, 4Chan.org, was most recently in the news when some members coordinated an online information blitz and attack on the Church of Scientology.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
High Quality CRM Data: Prevent, detect and fix errors at the point of data entry for Dynamics CRM. Trillium Software helps you achieve an accurate, synchronized, single view of customers. It's time to trust your data. Take a product tour and read CRM Analyst opinions here.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.