‘Teen stoner’ who says he hacked CIA head’s email quite pleased with himself

On the one hand, CWA (“Crackas With Attitude”) may have been a duo of pot-smoking, pro-Palestine 13-year-olds who socially engineered Verizon and got it to reset CIA Director John Brennan’s AOL address.

They might then have posted taxpayer and other personal information of more than a dozen top US intelligence officials, plus a government letter about the use of “harsh interrogation techniques” on terrorism suspects.

Or on the other hand, it could simply be a mile-high baloney sandwich.

The New York Post first reported on the claims of the alleged hacker after he contacted the paper last week to brag about his exploits.

In phone conversations, the purported US high schooler said he was motivated – by opposition to US foreign policy and support for Palestine – to post what looked like stolen documents and a portion of Brennan’s contact list on Twitter, among other documents.

There appeared to be at least two Twitter accounts associated with the breach: @_cwa_ and @phphax.

@_cwa_ has now been taken down but @phphax is still active.

Both accounts had been emitting a steady stream of taunting tweets, followed by screenshots of potentially damaging information, including screenshots of financial information.

One of the taunts included what looks like a fax cover sheet:

god damn im glad ya'll set it off used to be secure, now you're just wet and softtt @CIA found this in your email 🙂

Another suggested they had access to call logs from the White House Deputy National Security Advisor.

the current White House Deputy National Security Advisor call logs. #FreePalestine #FreeGaza ...

The page that the tweet links to with the purported call logs has since been deleted.

One of the alleged hackers told Gawker over IM that they were only boys:

since only 13 i am pretty hype about it.

… and that the New York Post was on target when it labelled him a “teen stoner”:

Me and phphax know each other irl, most of our school and grade are smokers and stoners, so i mean it just kind of describes us in away...I dont find it insulting in anyway. [sic]

Is any of that true? Your guess is as good as mine.

In another tweet, @phphax was jeering at self-described “hacktivist for good” @th3j3st3r for believing that he was only 13.

What about the documents? Without access to the originals, if they even exist, it’s tough to verify their authenticity.

Gawker notes that some of the addresses from Brennan’s purported email address book look “incorrect, if not outright fabricated.”

Still, some of those email addresses look real: Gawker said that CIA officers including David Shedd and John Moseman were on the purportedly leaked list, all with “@ugov.gov” addresses, indicating an email system that was shuttered six years ago over (appropriately enough) security concerns.

The pair wouldn’t tell Gawker exactly what they claim to have gotten their hands on, though they did tell the New York Post that Brennan’s private account held sensitive files, including his 47-page application for top-secret security clearance.

They also told Gawker that they have no firm plans to release more evidence of having compromised accounts.

While the claims made by the “teen stoners” are hard to verify, one thing they claim is, unfortunately, pretty easy to believe: if they indeed took over Brennan’s account, it well might have been through social engineering.

According to the FBI’s Internet Crime Complaint Center (IC3) annual report on internet crime, scams and fraud are surging, and that includes social engineering attacks.

Just go ask Mat Honan about social engineering: 3 years ago, his e-life was e-tattered, all thanks to over-helpful iCloud support.

After breaching Apple’s security, the crook remotely wiped Honan’s iGadgets: his iPhone, iPad and MacBook Air.

It didn’t stop there: the criminal then went on to take over Honan’s Gmail account, his Twitter account and, through account linking, the Twitter account of Gizmodo, with which Honan at one point had a trusted journalistic relationship.

It was a mess for Honan, of course, but the rest of us benefited: in the wake of the pwnage, Apple finally bit the bullet and started offering two-factor verification for Apple ID users.

Now, back to those Crackas With Attitude. A spokesperson for the CIA told The Guardian that the agency is aware of the reports on social media and has given a heads-up to “the appropriate authorities,” while a spokesperson for the FBI said that the bureau is investigating the attack.

If, or shall we say once, the Feds track down the kids/adults/crooks/whoever’s responsible for, well, whatever actually happened with Brennan’s AOL account, we’ll let you know how the Crackas’ Attitude changes, as soon as we check out a criminal complaint.

Image of CIA crest courtesy of Shutterstock.com
