News

Report: FBI searches Tenn. Student's Apartment in Palin Hacking

But proxy service operator says hacker's IP address 'doesn't look consistent' with state legislator's son

By Gregg Keizer, Computerworld

September 22, 2008 — CSO —

FBI agents served a search warrant Sunday at the Knoxville, Tenn., apartment of a college student whom Internet sleuths last week had named as the hacker who accessed Gov. Sarah Palin's e-mail account, a local television station reported.

But the Georgia man who runs the proxy service used to mask the hacker's identity said that the IP address he's traced "doesn't look consistent" with reports in the media that have focused on David Kernell.

According to a report by WBIR, Knoxville's NBC affiliate, agents served the warrant early Sunday at the residence of Kernell, 20. He is the son of Mike Kernell, a Democratic state legislator from Memphis.

A witness told WBIR that the agents arrived at The Commons of Knoxville early Sunday, and spent about one-and-a-half to two hours searching Kernell's apartment. The witness also said that Kernell's roommates were subpoenaed and must testify this week in Chattanooga.

Kernell, a student at the University of Tennessee-Knoxville, was linked to the hack of Palin's account on blogs and message boards after someone identified only as "rubico" posted a message on a popular board claiming to have accessed Palin's account by using Yahoo's password reset feature. Others subsequently connected the rubico handle to the e-mail address "rubico10@yahoo.com," which was in turn linked to Kernell through Internet searches that uncovered connections between him, the username and the e-mail address on such sites as YouTube.

Last week, Kernell's father confirmed that his son was the person being named on blogs and boards in connection with the Palin hack.

The U.S. Department of Justice also confirmed there has been "investigatory activity" in Knoxville regarding the Palin case, said the WBIR report. No charges, however, have been filed, and the warrant was not publicly available, the DOJ spokeswoman told the television station.

A search conducted Sunday by Computerworld on the federal court system's electronic database revealed no complaints or warrants issued against Kernell.

And Gabriel Ramuglia, the webmaster of Ctunnel, an Athens, Ga.-based proxy service used by the hacker, said Sunday that he wasn't sure the FBI was investigating the right man.

At the FBI's request, Ramuglia had searched the Ctunnel logs for evidence of the Palin account hack. He reported his findings to the agency Saturday.

On Sunday, he confirmed he had identified the IP address used by the person who broke into the Palin account. "It seems that the user in question did access the account using Ctunnel," Ramuglia said, "and I have the IP address of that user."

• Email
• Print
• Comments
• Digg This
• SlashDot

• Sarah Palin Hackers Hit Wrong Yahoo Account
• Wikileaks Posts Bill O'Reilly Web Site Data
• Report: Princeton Review Publishes Sensitive Data Online
• Yahoo, Hotmail, Gmail All Vulnerable to Palin-style Password Hack
• New Windows Worm Builds Massive Botnet