The FBI has arrested and charged two young men from North Carolina, over their alleged connection with notorious hacker group Crackas With Attitude(CWA). The hacker group first shot into prominence after hacking the personal email account of CIA director John Brennan in 2015.
According to a Department of Justice press release, the two men arrested are Andrew Otto Boggs, 22, who allegedly went by the pseudonym Incursio or IncursioSubter and Justin Gray Liverman, 24, who is suspected of having used the handle D2f4ult.
CWA high-profile hacks
The CWA hacker squad is believed to have been active from October 2015 to February 2016. In those short months the group racked up several high-profile hacks, beginning with the attack on the CIA director and continuing on to hack US National Intelligence director James Clapper, FBI deputy director Mark Giuliano and President Barack Obama's senior science and technology advisor John Holdren.
In addition, CWA also went after US intelligence and security agencies. The group hacked the Department of Justice system and dumped personal information of around 20,000 FBI and 9,000 DHS staffers.
3 other alleged members arrested in the UK
UK authorities had arrested 3 alleged members of CWA in early 2016. The first to be arrested in January was 16 year old "Derp". After that the group's alleged leader "Cracka", also 16, was arrested in February. Just a week after the alleged leader was arrested, the third alleged member, a Scottish teenager going by the name "Cubed" was arrested.
How authorities captured the CWA
The hacker group extensively used social media to publicise their exploits and dumps and mock their victims. However, according to the affidavit, Boggs and Liverman were idenitified by authorities by their alleged connection to Twitter handles. While Boggs was identified to be allegedly connected to one of the implicatedTwitter accounts @GenuinelySpooky. The account's IP address was found to be registered to Bogg's father, with whom he lived.
Liverman's arrest was also the result of a similar mistake. The IP address used to access the Twitter handle @_D3F4ULT and others were found registered to Edith Liverman, who Liverman lived with at the time.
Additionally, the affidavit also reveals several communication logs between the alleged members of the hacker group, conducted via Twitter direct messages (DM).
CWA still active?
After the news of the recent arrests were made public, another alleged CWA member called Zoom told Motherboardthat he was "worried". Zoom claimed that he had been raided earlier in the year, but said that he had neither been charged nor arrested. He also claimed that the FBI had apparently arrested the wrong person when apprehending Boggs, as Incursio he claimed, was actually a woman.
"I talked to default at 4 am this morning and now he's apparently been raided," Zoom said. "I thought they were gonna leave us alone after they took my stuff. I still haven't gotten my laptop or my externals back."
He also said "Cracka isn't a person, cracka is an idea. We are all cracka, we all feel that way deep down. Just look at our country and who we have running for president. America needed CWA, it needed a wake up call. The feds will never stop us."