Security

Palin E-Mail Hacker Says It Was Easy

A person claiming to be the hacker who obtained access to Alaska Gov. Sarah Palin’s private Yahoo e-mail on Tuesday has posted a supposed first-person account of the hack, revealing the relatively simple steps he says he took to crack the private e-mail of the Republican vice-presidential candidate. The story was briefly posted Wednesday to […]

Palin
A person claiming to be the hacker who obtained access to Alaska Gov. Sarah Palin's private Yahoo e-mail on Tuesday has posted a supposed first-person account of the hack, revealing the relatively simple steps he says he took to crack the private e-mail of the Republican vice-presidential candidate.

The story was briefly posted Wednesday to the 4chan forum where the hack first surfaced. Bloggers have connected the handle of the poster, "Rubico," to an e-mail address, and tentatively identified the owner as a college student in Tennessee.

Threat Level was unable to reach the student by phone because his number is unlisted. A person who identified himself as the student's father, when reached at home, said he could not talk about the matter and would have no comment. The father is a Democratic state representative in Tennessee. Threat Level is not identifying them by name because authorities have not identified any suspects in the case, and the link to the student so far is tenuous. The father, in a second call with Threat Level late Thursday afternoon, said that neither he nor his son has been contacted by any law enforcement authorities. A local Tennessee paper had erroneously reported that his son had been contacted by authorities, he told Threat Level.

As detailed in the postings, the Palin hack didn't require any real skill. Instead, the hacker simply reset Palin's password using her birthdate, ZIP code and information about where she met her spouse -- the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.

The simplicity of the attack, of course, makes it no less illegal.

The hacker said that he read all of the e-mails in the Palin account and found "nothing incriminating, nothing that would derail her campaign as I had hoped. All I saw was personal stuff, some clerical stuff from when she was governor…. And pictures of her family."

Once the hacker had read the e-mails in Palin's account, he said he suddenly realized what he'd done and how vulnerable he was to being caught, since he'd used only a single proxy service to hide his IP address.

yes I was behind a proxy, only one, if this shit ever got to the FBI I was fucked, I panicked, i still wanted the stuff out there but I didn’t know how to rapidshit all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state

Once he posted the information to 4chan -- the stronghold of the Anonymous griefer collective -- a good Samaritan tried to step in to protect Palin by resetting her password and sending an e-mail to one of her aides, Ivy Frye. But the white hat posted a screen shot of that e-mail to 4chan, and it included the new password. That triggered a feeding frenzy on the forum, as legions of channers competed to log in and reset Palin's password again.

Most Popular

That flurry of activity triggered a security feature that froze Palin's account for 24 hours, which was long enough for the information to hit the media. Palin, or someone in her camp, closed the account early Wednesday morning.

The postings telling the story have been deleted from 4chan, so I've included them below.

rubico 09/17/08(Wed)12:57:22 No.85782652

Hello, /b/ as many of you might already know, last night sarah palin’s yahoo was “hacked” and caps were posted on /b/, i am the lurker who did it, and i would like to tell the story.

In the past couple days news had come to light about palin using a yahoo mail account, it was in news stories and such, a thread was started full of newfags trying to do something that would not get this off the ground, for the next 2 hours the acct was locked from password recovery presumably from all this bullshit spamming.

after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…

>> rubico 09/17/08(Wed)12:58:04 No.85782727

this is all verifiable if some anal /b/tard wants to think Im a troll, and there isn’t any hard proof to the contrary, but anyone who had followed the thread from the beginning to the 404 will know I probably am not, the picture I posted this topic with is the same one as the original thread.

I read though the emails… ALL OF THEM… before I posted, and what I concluded was anticlimactic, there was nothing there, nothing incriminating, nothing that would derail her campaign as I had hoped, all I saw was personal stuff, some clerical stuff from when she was governor…. And pictures of her family

I then started a topic on /b/, peeps asked for pics or gtfo and I obliged, then it started to get big

Earlier it was just some prank to me, I really wanted to get something incriminating which I was sure there would be, just like all of you anon out there that you think there was some missed opportunity of glory, well there WAS NOTHING, I read everything, every little blackberry confirmation… all the pictures, and there was nothing, and it finally set in, THIS internet was serious business, yes I was behind a proxy, only one, if this shit ever got to the FBI I was fucked, I panicked, i still wanted the stuff out there but I didn’t know how to rapidshit all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state

Then the white knight fucker came along, and did it in for everyone, I trusted /b/ with that email password, I had gotten done what I could do well, then passed the torch , all to be let down by the douchebaggery, good job /b/, this is why we cant have nice things.

Gabriel Ramuglia who operates Ctunnel, the internet anonymizing service the hacker used to post the information from Palin's account to the 4chan forum, told Threat Level this morning that the FBI had contacted him yesterday to obtain his traffic logs. Ramuglia said he had about 80 gigabytes of logs to process and hadn't yet looked for the information the FBI was seeking but planned to be in touch with the agents today.

Ramuglia said the screenshots of Palin's e-mail account, which the hacker posted online, will help him narrow his search, since they revealed most of the Ctunnel URL that was at the top of the hacker's browser when he took the screen shot.

(This post was updated with details about a phone call with the father of the college student and information from the owner of the proxy service he used.)

Photo: AP/Charles Dharapak