Teen Hackers Socially Engineered Way Into CIA Director’s Private E-Mail

The federal government is sure to be looking for a teenage hacker and two of his friends now that they’ve gone public with a rather embarrassing fact: by pretending to be a Verizon employee, they were able to get personal information about CIA Director John Brennan.

This personal information, such as the last four digits of his credit card, was useful in resetting the director’s AOL account password. Against all reason, this AOL account contained highly sensitive government documents the director had forwarded to himself from work.

Speaking to Wired Magazine, the hackers said of their Verizon social engineering attack, “[W]e told them we work for Verizon and we have a customer on scheduled callback.” They were able to fool the other Verizon employee using falsified employee identification numbers, which indicates that at least one of the group had prior familiarity with the inner workings of Verizon. From there they were able to escalate to access the AOL account, which was even less difficult to socially engineer into. The director is, after all, the perfect candidate for the kind of person a tech support professional would believe couldn’t reset the password on his own.

Emails as old as 2009 were available in the account, including one from congressional leaders requesting that the CIA end the use of prohibited interrogation tactics. Then there are the attachments, which are even more interesting. One was the Director’s own top secret clearance application, an exhaustive document which even contains personal information of family and friends of the applicant. Also included was a spreadsheet which contained names, social security numbers, and other information about numerous government employees, some of whom work for the CIA. The AP thinks this spreadsheet was actually a list of people visiting President Obama that year, given that Brennan was serving as the counter-terrorism director.


The hacking group’s Twitter account was decorated with screenshots from the hack recently, including the following two images.



Al Qaeda or Anonymous?

Perhaps more interesting about their Twitter account is the biographical information, which reads: “La il laha il Allah, Muhammad a rasool Allah. #Anonymous #OpNimr #CWA.” It’s difficult to determine if this is meant to be a troll or if they’re actually doing this in the name of Islamist extremism. But more to the point, #OpNimr is the campaign against the execution of Ali Mohammed al-Nimr in Saudi Arabia, who was a child when he committed the crimes he’s accused of, and whose confession was obtained under duress. Saudi Arabia is an ally in good standing with the United States.

Brennan was quite aware of the hack taking place. A back and forth of account resetting took place three times before the hackers called his personal phone number. At this point, they claim, Brennan asked what they wanted to stop hacking his e-mail account. The hackers told him, “We just want Palestine to be free and for you to stop killing innocent people.” Israel is also an ally in good standing with the United States.

Brennan was not the only victim of the hacking group. Homeland Security Secretary Jeh Johnson’s Comcast account was compromised, though it appears the hackers didn’t get much further than that with his account. It appears AOL is particularly easy in comparison to other providers.



Website: http://phm.link

P. H. Madore has covered the cryptocurrency beat over the course of hundreds of articles for Hacked's sister site, CryptoCoinsNews, as well as some of its competitors. He is a major contributing developer to the Woodcoin project, and has made technical contributions on a number of other cryptocurrency projects. In his spare time, he recently began a more personalized, weekly newsletter at http://ico.phm.link