Two North Carolina men were arrested in September for their alleged roles in a hacking group responsible for breaching the email accounts of CIA Director John Brennan, Homeland Security Secretary Jeh Johnson and Director of National Intelligence James Clapper — and providing the contents to WikiLeaks.
Andrew Otto Boggs, 22, and Justin Gray Liverman, 24, were extradited to Virginia to appear at an Alexandria District Court. Despite the allegations that they belonged to the same hacker group, and the fact that they live so close together, the two men did not know each other offline.
The duo is accused of being part of the hacking group “Crackas With Attitude,” which allegedly social-engineered access to Clapper’s personal email, home telephone and internet account, as well as his wife’s Yahoo email account.
At least three other members of the group, located in the United Kingdom, are currently under investigation by the Crown Prosecution Service. Two, a 16-year-old and a 15-year-old, were arrested earlier this year but have not been identified, as they are minors. One of the minors went by the alias “Cracka,” and is alleged to have been behind the bulk of the breaches.
Liverman maintains that he only knew the members of the group online, and never personally accessed any federal databases. He also states that his computer was hacked two nights before he was raided. He is allegedly the admin of AnonSec and @L0sExtraditables.
“Me and Cracka utilized OTR encryption which [Edward] Snowden exposed that the NSA can’t break, but if they raid you and get your computer they can use your private key to decrypt OTR encrypted traffic that they might have dragnetted,” Liverman explained to Sputnik.
He also pointed out that when Cracka leaked information to Motherboard reporter Franceschi-Bicchierai, he had requested that he not be named and only identified as a confidential source. That request fell on deaf ears.
Alleged CIA head hacker in epic prank of James Clapper, head of DNI. Handle then betrayed by VICE journalist https://t.co/bFjpiOX3B4
— WikiLeaks (@wikileaks) January 13, 2016
“When Cracka leaked to Motherboard he asked not to be named as he wanted to confidentially leak information, Lorenzo disregarded it and listed that it was from him — he even wrote that Cracka asked not to be listed like a total piece of shit,” Liverman noted.
After being arrested at gunpoint, Boggs tweeted that he was busted when investigators caught him logging on to an implicated Twitter account from an IP address registered to his father, with whom he lives.
If you're hacking and you register or sign-in on twitter from your parents' house, you're gonna have a bad time.
— Incursio (@ret2reg) September 10, 2016
Liverman does not believe that was the case, however, and believes that the FBI used illegal tactics to aid in the arrests. The methods he believes they employed are in line with the highly controversial amendments to Rule 41, which would allow the agency to hack and surveil an unlimited number of computers and devices globally, without a warrant. These amendments are not currently law, as the deadline for Congress to strike them down is December 1.
“They mentioned something about me and Cracka using similar tor nodes, so it’s possible that they utilized their malicious tor nodes for MitM Jabber servers which we mostly used to communicate,” Liverman detailed.
The amendments also remove jurisdiction limitations, allowing the FBI to obtain a search warrant in, for instance, Virginia and then hack computers across the country using Network Investigative Techniques (NITs).
Investigators believe that the group formed in July 2015 when a hacker identified as Cracka, one of the arrested teens, spoke to Boggs claiming that he had obtained the Social Security number of a US official and was now in control of his Comcast account.
In October, Cracka stated that, on a scale of one to 10, with 10 being the most difficult, hacking into Brennan’s accounts was a one.
“From about October 2015 to February 2016, the group used ‘social engineering’ hacking techniques, including victim impersonation, to gain unlawful access to the personal online accounts of senior US government officials, their families, and several US government computer systems,” a press release from the Department of Justice stated.
The criminal inquiry was opened by the FBI and the Secret Service last October, and was announced after some of the stolen documents were released by WikiLeaks.
“The FBI is investigating this matter jointly with the US Secret Service,” a spokeswoman for the Federal Bureau of Investigation in Washington announced in October of last year. “As this is an ongoing investigation, we declined further comment.”
Brennan’s personal email account contained a number of sensitive files, including a 47-page application for top-secret security clearance, Social Security numbers and the personal information of over a dozen top intelligence officials. There was also a letter about the use of “harsh interrogation techniques” on terrorism suspects.
“If you’re the CIA director you shouldn’t have an AOL account,” Liverman told Sputnik. “Not only should he not have had an AOL email, but it’s illegal to use them for government purposes — similar to the Hillary [Clinton] scandal, except he didn’t host them himself, which would have been more secure than AOL.”
A PDF titled “torture” contained a document sent by Christopher S. Bond to the United States Select Committee on Intelligence stating that the controversial interrogation methods used on “high value” detainees have been one of the most valuable sources of intelligence in protecting America.
In the letter, Bond proposed that, rather than authorizing intelligence agencies to use only techniques that are allowed, certain techniques be prohibited, so that the agencies knew exactly what they could not do and therefore would not be limited when developing new methods in the future.
Another PDF, titled “Torture Ways,” contained the contents of a bill aimed at prohibiting the use of certain interrogation techniques, including forced nudity, sexual acts, using hoods or duct tape over the eyes, beatings, electric shock, burns, using military dogs on the prisoners, waterboarding, inducing hypothermia or heat injuries, mock executions, and food/water/medical deprivation.
Cracka explained at the time that he used social engineering to trick workers at Verizon into providing him with Brennan’s personal information and then used what they gave him to dupe AOL and Comcast into allowing him access to the CIA director’s accounts. The court affidavit for Boggs and Liverman confirms that the hackers responsible called Verizon and falsely represented themselves.
Cracka claimed at the time to have been prank-calling the CIA official, once reciting his social security number to him.
“In some instances, members of the conspiracy uploaded private information that they obtained from victims’ personal accounts to public websites; made harassing phone calls to victims and their family members; and defaced victims’ social media accounts. At least three other members of the conspiracy are located in the United Kingdom and are being investigated by the Crown Prosecution Service,” according to the DOJ release.
Not content with simply accessing Clapper’s email and messing with the CIA director, the hacker also reportedly forwarded all of Clapper’s phone calls to activist Paul Larudee, the co-founder of the Free Palestine Movement organization.
Using the credentials of one of the officials, the hackers also gained access to the FBI’s Joint Automated Booking System (JAB) and the Law Enforcement Enterprise Portal (LEEP), which allows law enforcement to share data in real time. After accessing JAB, the group tweeted screenshots of activist-turned-political-prisoner Jeremy Hammond’s arrest records, including the names and phone numbers of the agents involved in his arrest.
On November 5, 2015, coinciding with the Million Mask March protests, the group posted a link to the personal information of over 2,200 members of law enforcement groups and federal agencies. They also claimed to have personal data on 34,000 government employees and military personnel.
The government was so concerned about the hacks that it traveled to Ukraine to raid Cryptobin, the site hosting the leaked documents, Liverman said.
“We were all surprised when they did that,” he stated. “The links are all still dead even though Cryptobin is back up.”
Liverman claims that his alleged hacker group has exposed deep flaws in US national security. If, as the government thinks, a few teens and 20-somethings were able to obtain access to all of this sensitive information, he said, just imagine what foreign governments or hostile actors could do.
“The fact that they think five people under 30 did this, imagine what a foreign nation could do. The group exposed how vulnerable our government is,” Liverman said.
He maintains that the group did the government a favor, as the government needs to be publicly embarrassed before getting proactive about security.
“The group basically did them a favor by exposing these security flaws before nation state hackers exploited them,” Liverman explained, reiterating that he was only an associate of the hackers and did not himself participate. “However, in this day and age you have to embarrass the government to get them to proactively and quickly fix things.”
“The intent wasn’t to put any lives in danger, just expose these flaws and outdated government cyber security practices — or lack thereof.”
Boggs and Liverman are currently free, though banned from accessing the internet, until their next court appearance, tentatively scheduled for November.
Liverman is currently being represented by a public defender, and hopes that he can raise funds to obtain a lawyer who better understands cyber crimes. He is hoping a PayPal fundraising campaign will help him reach that goal (firstname.lastname@example.org) or bitcoin (16BKribxWgoW6exNQRNRXGmmfhnRQ5xMk1).
Article by Cassandra Fairbanks, originally published on Sputnik News.