Arrests Made After Group Hacks CIA Director's AOL Account

Slashdot reader FullBandwidth writes: U.S. authorities have arrested two North Carolina men accused of hacking into the private email accounts of high-ranking U.S. intelligence officials. [The men] will be extradited next week to Alexandria, where federal prosecutors for the Eastern District of Virginia have spent months building a case against a group that calls itself Crackas With Attitude... Authorities say the group included three teenage boys being investigated in the United Kingdom.
The group used social engineering to access the email accounts of John Brennan, the director of the CIA, as well as the Director of National Intelligence, and former FBI deputy director Mark Giuliano, according to the article. One exploit involved "posing as a Verizon technician and tricking the company's tech-support unit into revealing the CIA director's account number, password and other details." An FBI affidavit alleges that a British teenager named "Cracka" also began forwarding the calls of a former FBI deputy director "to a number associated with the Free Palestine Movement," while "D3F4ULT" paid for a campaign of harassing phone calls. In addition, "According to the affidavit, Cracka appears to have gotten into the law enforcement database simply by calling an FBI help desk and asking for Giuliano's password to be reset..."

"One member told CNN [In a video interview] that he smoked marijuana 'all day every day' and was 'probably' high when gaining access to high-level accounts."

Re: Not Brennan's fault

[uvajed_ekil]

The article says there were sensitive files stolen from his personal email account. If true, he shouldn't have had them there.

From a Wired article dated almost a year ago:
"News of the hack was first reported by the New York Post after the hacker contacted the newspaper last week. The hackers described how they were able to access sensitive government documents stored as attachments in Brennan’s personal account because the spy chief had forwarded them from his work email.
The documents they accessed included the sensitive 47-page SF-86 application that Brennan had filled out to obtain his top-secret government security clearance. Millions of SF86 applications were obtained recently by hackers who broke into networks belonging to the Office of Personnel Management. The applications, which are used by the government to conduct a background check, contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They also include criminal history, psychological records and information about past drug use as well as potentially sensitive information about the applicant’s interactions with foreign nationals—information that can be used against those nationals in their own country."

Sounds pretty bad to me, but I doubt he'll receive the same level of scrutiny as Hillary Clinton has, because it isn't as interesting politically.
Source: https://www.wired.com/2015/10/... -- interesting article.

Re:Not sure

[ShaunC]

Last time I checked, AOL Instant Messenger needed a AOL account, at least one on the free tier.

I still have both, but I haven't paid for AOL in 20 years. There are a lot of AIM users who never had an AOL account. Registration at aim.com was free for a long time (maybe it still is?) and I talk to a lot of people via AIM who were never AOL users. Despite the ridicule, AIM/Oscar via the Pidgin client with the OTR plugin remains a relatively secure method of communication.

As for Skype, fuck that entirely, it's been compromised forever. If I want to holler at the NSA, I'll just yell into any phone and hope for the worst.