Aubrey Cottle allegedly gained access to the Texas GOP’s website through a breach of its hosting provider.
The post DOJ charges hacker for 2021 Texas GOP website defacement appeared first on CyberScoop.
The Department of Justice unsealed charges against Canadian citizen Aubrey Cottle, a hacker who goes by the handle “Kirtaner,” for a 2021 incident that resulted in the defacement of the Texas Republican Party’s website.
Prosecutors have charged Cottle, an early member of the hacktivist group Anonymous, for the defacement, as well as downloading contents from an Apache backup web server owned by the Texas GOP that contained personal information. That information was later released publicly via BitTorrent as a 180-gigabyte file of stolen data.
In September 2021, the official website of the Republican Party of Texas was defaced, with the front page replaced with text like “JET FUEL DOESN’T MELT STEEL” (a reference to a decades-old 9/11-related conspiracy theory), “BUSH LIED, PEOPLE DIED” and “Trans demon hackers are coming to get you.”
According to a redacted complaint, the bureau identified one IP address that downloaded 100% of the stolen data over BitTorrent, a Bell Canada customer who was identified as Cottle.
Cottle allegedly gained access to the Texas GOP’s website through a breach of its hosting provider, Epik, and investigators appear to have relied on Cottle’s bragging on social media to prove his involvement in the hack and gather additional evidence.
Specifically, a TikTok user named “kirtaner” posted videos with “an individual believed by the FBI to be Cottle based on his appearance and screen name” taking credit for the hack against Epik.
The FBI used those videos to subpoena records from a Discord channel Cottle had created in 2005. In September 2021, he allegedly posted on that channel “OH I GAVE THE CHILDREN THE SQLI EXPLOIT VULN GAB CODE ALREADY,” later adding “when it hits you’ll never see it attributed to me but… epik hosting’s f—ed.”
Cottle was charged with identity theft. He faces a maximum sentence of five years in prison.
A request for comment sent to the Texas Republican Party and Epik were not immediately returned.
A search warrant issued for Cottle’s home by the Ontario Provincial Police resulted in the seizure of 20 terabytes of data, including emails sent by one his accounts in February 2021 claiming to have root access to Epik’s network along with its virtual machines, web domains and customer data. The email told the unknown sender to “delete this message after reading.” Another screenshot details an email sent by the same account on Sept. 9, 2021 with the subject line “oops I control the Texas GOP.”
A solid-state drive seized from Cottle’s home contained a file folder titled “EpikFailYouLostTheGame” that contained personal data, including from the Texas GOP website.
In January 2022, seemingly aware that law enforcement was on his trail, Cottle posted in the same channel to address the “fbi agents reading my discord logs,” defending the hack as an act of political activism against far-right extremism.
In September 2022, Cottle, who has a history of taking public credit for hacks, told CyberScoop that Ontario police raided his home on Aug. 30 and “took all my equipment (multiple pcs, storage devices, phones, servers, NAS) and bagged my guy fawkes mask as evidence.”
Epik, he said, was “known for providing services to websites that host far-right, neoNazi, and other extremist content” and claimed the stolen data “has allowed researchers and journalists to discover links between far-right websites, groups, and individuals.”
The post DOJ charges hacker for 2021 Texas GOP website defacement appeared first on CyberScoop.
Source: CyberScoop
Source Link: https://cyberscoop.com/department-of-justice-charges-hacker-aubrey-cottle-texas-republican-website-defacement/