Cryptome Outs Identities of Hackers Behind Breach

Less than a week after the Cryptome.org archive was hacked and defaced, the site has posted the names, addresses and phone numbers of two individuals it accuses of being involved in the attack. 

Less than a week after the Cryptome.org archive was hacked and defaced, the site has posted the names, addresses and phone numbers of two individuals it accuses of being involved in the attack. 

In an update on Friday, Cryptome founder John Young posted contact information for three individuals he identified as “XyriX,” “Virus,” and “Null”: members of an online hacking group Kryogeniks that claimed responsibility for the attack on the archive last week. When contacted by Threatpost, one of those named, Corey Barnhill (aka xyrix), 23, of Harrison, New Jersey, refused to confirm or deny involvement in the Cryptome breach, but denied Young’s account of events. A Web site belonging to the Kryogeniks hacking group also posted a statement denying responsibility for the Cryptome.org hack.

As reported by Threatpost, Young’s Earthlink e-mail account as well as the Network Solutions Web hosting account he uses to manage the fourteen year old site were compromised on October 2. Personal e-mail as well as 60,000 documents hosted on the site were copied by the attackers and Young’s access to both his Earthlink and Network Solutions accounts was blocked.

Young regained control of the site within hours and has maintained that he knew who the perpetrators were and their motive. Earthlink is considering turning to federal law enforcement to investigate the breach and has asked Young for information on the identity of the hackers, he said. 

Cryptome has become embroiled in the controversy surrounding the Wikileaks Web site, which published tens of thousands of classified documents from the wars in Iraq and Afghanistan. However, a report from Wired.com suggested the hack was more or less indiscriminate – carried out by members of the  Kryogeniks hacking group to embarrass a fellow hacker named who uses the handle “TrainReq.” 

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.