The hacking group that has been targeting government officials since October, when it broke into the AOL email account of CIA Director John Brennan, has claimed yet another victim.
This time, the victim is President Barack Obama's senior advisor on science and technology John Holdren, Motherboard has learned. One of the cybercriminals linked to the group that hacked Brennan broke into Holdren's home telephone and email account and set it so that all the calls would get forwarded to the Free Palestine Movement. This is exactly what happened to US Director of National Intelligence James Clapper last week.
On Monday, one of the members of the hacking group, which is known as Crackas With Attitude, or CWA, sent me an email to tell me about his latest feat.
"If you don't believe me you can call the home phone," he said, before sending me a phone number that belongs to Holdren, according to public records.
When I called the number, the founder of the Free Palestine Movement Paul Larudee picked up the phone. Larudee said that the same person who called him last week to tell him that he would receive calls directed at Clapper called him again on Monday morning.
"I did it again," said the hacker, according to Larudee, who told me he recognized the voice of the hacker.
"I did it again."
One of the CWA hackers, known as Cubed, told me that the person who broke into Holdren's account was somebody called Fearz, or @fearhax, who identifies himself as an ex-member of CWA on his bio. Cracka, another CWA hacker, also told me that it was Fearz who was able to get into Holdren's account with a spear phishing (a term for getting information by deceiving via a targeted attack) his wife. (Cracka also said CWA has disbanded, but it appears its members are still in touch with each other and share information.)
"[Fearz] sent [Holdren's wife] Cheryl an email claiming to be John LOL," Cracka told me in an online chat, adding that the phishing emails said "something like 'Hey honey, do you have the password for our joint Xfinity account? I lost it.'"
Then Cheryl sent the password to the hacker, according to Cracka, allowing him to get into their Comcast Xfinity account.
The White House declined to comment, but confirmed that Holdren, who's the Director of the Office of Science and Technology Policy (OSTP), was targeted. "We are aware of this issue and have reported it to law enforcement," a spokesperson for the White House OSTP told Motherboard.
The FBI did not respond to Motherboard's request for comment.
The hackers also provided what they claimed was Holdren's cellphone number. When I called it, a person claiming to be John Holdren picked it up. However, he declined to comment until I proved who I was, and asked me to send him an email to his personal Gmail account. But he didn't respond to my email, nor another subsequent call.
Holdren is just the last in a long series of victims.
Cracka and his associates first became notorious when they hacked Brennan's email. But since then, they have targeted several government officials, including FBI's Deputy Director Mark Giuliano, James Clapper, and the former intelligence execute Vonna Weir Heaton.
"That was the best breach everrr [sic]"
Cracka told me on Monday that the group hacked several other government officials, including some the group never publicly bragged about. He mentioned Amy Hess, the FBI's executive assistant director for science and technology, White House Communications Director Jen Psaki, White House Chief of Staff Denis McDonough, the Deputy Secretary of State Tony Blinken, and the White House Deputy National Security Advisor Avril Haines.
Their month-long hacking spree prompted the FBI to issue an alert last year, warning politicians and police officers of the risk of getting "doxed" by a "hacktivist" group.
The hackers also appeared to have gained access to a slew of law enforcement tools and databases. In November, the hackers published more than 2,000 names belonging mostly to US law enforcement agents. Cracka told me that they found Holdren's wife's email address in one of the databases they were able to download in November.
"That was the best breach everrr [sic]," Cracka said.
The hackers have always claimed to be doing this to protest against the US government, and to support the cause of a free Palestine. In fact, Cracka asked me to include a statement in this article.
"Fuck zionist fucks and bomb Israel leaders," he said.