Two men were arrested after posing as Verizon and FBI support staff, assisting with the hack of email accounts of high ranking government officials. The hackers, INCURSIO, aka Andrew Otto Boggs and D3F4ULT, aka Justin Gray Liverman, were taken into custody last Thursday in North Carolina. The men were part of a group known as Crackas With Attitude. According to federal prosecutors, they had been building a case against the men for several months.
The CWA collective claims to have been able to hack the private email servers of CIA director John Brennan and James R. Clapper Jr, the Director of National Intelligence. Officials state that the group also compromised the email accounts of former FBI Deputy Director Mark Guiliano, as well as several other key FBI employees. Boggs and Liverman are not directly responsible for the hack, although the FBI claims that they participated by encouraging the hack and also actively used the information gained to harass their victims.
Besides hacking into private email accounts, the group obtained the personal information of over 29,000 Department of Justice and Homeland Security employees. The men charged, allegedly were able to convince a real Verizon employee that they were technicians, leading to John Brennan’s email password reset. This gave them unfettered access to the account. This was their MO – posing as technical personnel, in order to access network data. They did not rely on traditional hacking tools to pull this off.
In reference to the Mark Guiliano breach, they simply called the FBI help desk and asked for the password to be reset. The two men were charged with conspiracy for their participation. Both Boggs and Liverman will be extradited to Virginia, where they will stand trial for federal charges.
Sources: ArsTechnica, Washington Post.
This article (Two Men Arrested in Connection to Hacking of CIA and FBI Email Accounts) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to the author and AnonHQ.com.
This sucks. At least social engineering isn’t considered “normal hacking tools.” They can’t beat us if they dont understand us.