The Chain Tightens Around Palin's E-mail Hacker

Yahoo! and the owner of the proxy service are working with the FBI while the signer of the alleged confession was identified

By Lucian Constantin, Web News Editor

19th of September 2008, 08:54 GMT

Investigation into Sarah Palin's e-mail account hack advancing
The owner of the proxy service used by the person who hacked Sarah Palin's e-mail was contacted by the FBI regarding the server logs and is currently working to provide them. Meanwhile, the person whose e-mail was used to sign a confession circulating on the Internet was identified as David Kernell, son of Democratic Tennessee state representative Mike Kernell.

The alleged hacker of Sarah Palin's Yahoo e-mail account appears to have made two major mistakes. The first was to include the browser address bar in the screen shots he released. The address bar contained an almost complete URL from the Ctunnel proxy service that was used. Due to the unique string of random characters in the URL, the owner of the service thinks he will be able to determine, from his server logs, the real IP of the hacker.

As we previously reported, 25-year-old web developer Gabriel Ramuglia from Athens, GA, owner of Ctunnel, was expecting to be contacted by law enforcement officers regarding this issue. It looks like yesterday he received a phone call from an FBI special agent who asked him to preserve the logs, which would otherwise be automatically deleted after seven days. Ramuglia agreed to help the investigation and started downloading the 80 GB worth of logs from his co-located server in Chicago. He is confident that with his assistance, the FBI will be able to pinpoint the real IP address of the hacker in the logs. According to him, the FBI also requested help from Yahoo and they will most likely provide their own logs, too.

This could really help the FBI if indeed the hacker did not use multiple proxy services in order to hide his real IP. Ramuglia doesn't think he was careful enough to do that and this is likely to be true because of the claim that “yes I was behind a proxy, only one,” present within a “confession” written by the alleged hacker, which we also detailed.
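The log correlation described above can be sketched as follows. This is an added example, not code from Ctunnel or the investigation: the Apache-style log format, the `/p/<token>/...` URL layout, the tokens and the documentation-range IP addresses are all constructed assumptions. It shows why the uniqueness of the string in the screenshot matters: a long enough fragment resolves to one client address, a short one does not.

```python
import re
from datetime import datetime

# Assumed combined-log-style line: client IP, timestamp, request path.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} \S+')

# Constructed sample lines (made-up tokens, documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [16/Sep/2008:21:02:11 +0000] "GET /p/k3Jx9QaTz7/inbox HTTP/1.1" 200 5120',
    '203.0.113.45 - - [16/Sep/2008:21:03:40 +0000] "GET /p/k3Jx9QmW2bLr8/login HTTP/1.1" 200 8841',
    'truncated or corrupt line that does not parse',
    '203.0.113.45 - - [16/Sep/2008:21:19:05 +0000] "GET /p/k3Jx9QmW2bLr8/folders HTTP/1.1" 200 3310',
    '192.0.2.19 - - [16/Sep/2008:22:40:12 +0000] "GET /p/Zt55hPq0e1/news HTTP/1.1" 200 912',
]

def correlate(lines, fragment):
    """Map each client IP whose request path contains `fragment`
    to its hit count and first/last timestamps."""
    hits = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting a long scan
        ip, ts, path = m.groups()
        if fragment not in path:
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        rec = hits.setdefault(ip, {"count": 0, "first": when, "last": when})
        rec["count"] += 1
        rec["first"] = min(rec["first"], when)
        rec["last"] = max(rec["last"], when)
    return hits

def unique_source(lines, fragment):
    """Return the single matching client IP, or None when the fragment
    matches no client or more than one (ambiguous attribution)."""
    hits = correlate(lines, fragment)
    return next(iter(hits)) if len(hits) == 1 else None

if __name__ == "__main__":
    print(unique_source(SAMPLE_LOG, "k3Jx9QmW2bL"))  # long fragment: one client
    print(unique_source(SAMPLE_LOG, "k3Jx9Q"))       # short fragment: ambiguous
```

Because `correlate` takes any iterable of lines, it can be fed an open file handle and will stream through a large log without loading it into memory.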

This “confession,” widely discussed on blogs, actually refers to a post made by a user calling himself Rubico on the 4chan /b/ board. The post was deleted pretty fast by the board's moderators, but not fast enough to stop someone from copying it and spreading it around. Rubico takes responsibility for the incident and writes a detailed story of how he hacked Palin's e-mail. “I am the lurker who did it, and i would like to tell the story,” starts Rubico.

Of course the authenticity of this story cannot be confirmed and some security researchers are skeptical about it. This is mainly because the user claims to have used Yahoo's password recovery function in order to reset the e-mail's password, while the researchers say that using this Yahoo option sends the password to the secondary e-mail previously provided by the account owner. I personally beg to differ as I have tested the password recovery option and, what do you know, I changed my password without having it sent to the secondary e-mail.

Yahoo password recovery
After the first screen asking you to input the Yahoo! ID for which you want to recover the password, you get prompted with the following request: “Please select an email address to receive your password reset link.” This gives you the option to select the secondary / alternative e-mail associated with the account OR to check the “I can't access my alternate email address” box, which will enable you to directly input a new password without it being reset and sent to any other address. I would also like to mention that, in my case, it didn't even ask for birth date or zip code and I only had to provide the answer to the security question. I strongly suggest that you go and change your own security question to a custom one with a really hard to guess / find answer if you haven't done so already.

The second mistake made by the hacker relates to Rubico's post: he provided his e-mail address, rubico10@yahoo.com, along with his nickname. Since this confession was cited on many websites, someone was bound to know the real person who owns the e-mail address. And someone did, as the e-mail address was soon after reported to belong to 20-year-old David Kernell, a student at the University of Tennessee-Knoxville. His father, Mike Kernell, who also happens to be a Democratic state rep in Tennessee, confirmed for the Tennessean that the person who is the subject of the many blog posts and news articles around the Internet is indeed his son. However, David Kernell has not been included in any official investigation yet.

Yes, the whole Rubico confession could be fake. It could be an attempt by someone to throw the blame on or harm David Kernell. This is even more likely given the nature of the /b/ board and its users, who would probably qualify as trolls on other forums. Someone monitoring the /b/ board described them as being “hyperactive adolescents in search of amusement and joy, which they often get by upsetting people and making messes.”

On the other hand, there could be some truth to the story for exactly the same reason. It is likely that someone who would frequent such a board would be behind the incident, as it certainly doesn't look like the work of an experienced hacker. The skills required to pull off the password recovery trick are not exceptional and only involve knowledge about Yahoo mail and how to do research using Google. Mistakes like not covering the URL in the screen caps suggest that “hacker” is just a glorified name attributed to the person who did this.

© Copyright 2001-2009 Softpedia
User opinions:


Comment #1 by: A-COL on 21 Sep 2008, 05:03 GMT

What’s most interesting is that the “Felon” who was smart (or dumb) enough to hack Palin’s E-Mail was dumb enough to post his confession on line. Seems the perpetrator’s E-Mail address belongs to David Kernell, 20, from Memphis, TN, a student at the University of Tennessee-Knoxville and son of Democratic state representative Mike Kernell.
“Young David” explains it this way in his on-line confession: “On Tuesday night, I broke into Sarah Palin's Yahoo! e-mail account, read the e-mails and posted the address and password to wreak general havoc with the account, using Yahoo!'s password recovery feature…. All I had to do was fill in the answers to some questions with information found in Wikipedia. After the password recovery was re-enabled, it took seriously 45 mins on Wikipedia and Google to find the info….. and then I promptly changed the password to popcorn and took a cold shower...”
I suspect “young David” will be taking future “cold showers with a lot of his new best buddies.” Piece of advice for “the little nipper” …. Try to avoid dropping the soap in the shower. I just hope he’s in the slammer in time to be “Bubba’s date for the Sadie Hawkins Day Dance.”
The upside for Dad, Democratic State Rep Mike Kernell, is think of the tuition money you’ll save!
