Thrill Attacks
Hacker breaks into vice-presidential candidate Sarah Palin’s email account and posted screenshots of its contents on the web. Twenty year old David Kernell, son of Memphis state reprehensive and University of Tennessee-Knoxville student, alleges that he was the individual that was responsible for leaking governor Palin’s email inbox details online. He also continues to boast a convincing account of how it was done.
In under 45 minutes the email account was infiltrated. The hacker used Yahoo’s password recovery, and uncomplicated web browser search to gain access. Yahoo’s password recovery allows individuals to retrieve forgotten passwords by allowing users to answer a series of “security questions” only the account holder would know. After just minutes of searching on wikipedia and the U.S Postal Service website, the hacker was able to attain the governor’s date of birth, zip codes for Wasilla, Alaska, and detect information on where she met her husband. After gaining access, the hacker was able to take snapshots of the email’s contents. Apparently the hacker was attempting to find incriminating evidence against governor Palin that would derail her campaign. The URL of a proxy site that he used that was seen in one of the screen shots was detected . It was then used to gain the IP address of David Kernell.
Through the use of simple use of social engineering, the hacker was able to gain access to her personal email account. This thrill crime demonstrates a perfect example of the faultiness of internet security.
