A group of teenage hackers going by the name of "Crackas With Attitude" (CWA) are on a rampage, breaking into federal systems to embarrass the U.S. government.
After gaining access to the personal AOL email account of CIA Director John Brennan last month, the teenagers reportedly broke into the Comcast email account of FBI Deputy Director Mark Giuliana's wife, dumped personal details of thousands of government employees and then claimed to have gained access to the national Joint Automated Booking System, JABS, a database of arrest records, the FBI's Internet Crime Complaint Center and the FBI's Virtual Command Center.
"Cracka," one of the hackers who also claims to be a stoner, told Motherboard the CWA targeted FBI Deputy Director Mark Giuliana because the FBI is investigating the hacker group and plans to "make an example" out of them. CWA "hacked" into the email account of Giuliana's wife, found Giuliana's phone number and then called him. Giuliana allegedly told Cracka, "I don't know you but you better watch your back." The hacker tweeted that Comcast and AOL had nothing to do with breaching the feds' accounts.
Next, CWA dumped personal details of over 2,400 government employees; the list allegedly contained full names, job titles, organizations, agencies, email addresses and phone numbers. Softpedia added that the hackers claim to have around 34,000 "emails, names, position and phone numbers of gov[ernment] associates, including military," but it is unknown if the names were obtained via a hack, purchased off the Dark Web, or will be used to dox people.
Next Gov, which reported that the dumped list contained personal details of 3,500 government employees, was told by the FBI that the agency will neither confirm nor deny "specific claims of hacktivism;" the FBI intends to hunt down the hackers and hold them "accountable" for engaging in "illegal activities in cyberspace." DHS declined to comment, and the Pentagon said to ask the FBI.
Now the alleged teenage hackers claim to have gained access to the national Joint Automated Booking System (JABS), a database of arrest records, the FBI's Internet Crime Complaint Center, and the FBI's Virtual Command Center.
CWA told Wired they exploited a flaw "that allowed them to gain access to the private portal, which is supposed to be available only to the FBI and other law enforcement agencies around the country. That portal in turn, they say, gave them access to more than a dozen law enforcement tools that are used for information sharing."
‘Cracka,' who provided Wired with a screenshot of the JABS online portal, tweeted that "CWA did, indeed, have access to everybody in USA's private information, now imagine if we was Russia or China."
JABS, according to a former FBI agent, shows "all arrests and bookings no matter the sealing," but some sealed records "will only have limited data." He told Wired, "The records go in but after processing they can be removed if they are sensitive matters, or more likely there will be [a] flag when you run a name to contact a specific agency. Hackers might be removed if they are potentially cooperating witnesses or sources." He added, "It takes some serious work or threats to get the records removed."
JABS is mentioned online by the FBI, ATF, DOJ, U.S. Marshals and others. The hackers claim to have had access to "law enforcement's Enterprise File Transfer Service, which the government describes as a web interface for securely sharing and transmitting files," and provided a lengthy menu list of sensitive tools to which they allegedly had access.
The menu included Enterprise File Transfer Service, Cyber Shield Alliance, DFS Test, eGuardian Training, IC3, IDEAFX, Intelink, Intelink IM, and Justice Enterprise File Sharing. Additionally, the portal supposedly provides access to Special Interest Group, Virtual Command Center, National Data Exchange, National Gang Intelligence Center, Repository for Individuals of Special Concern, RISSNET, ViCAP Web National Crime Database, Active Shooter Resources Page, Malware Investigator, Homeland Security Information Network, and eGuardian.
All of this hacking, according to Cracka, is not for lulz, but "is for Palestine."