Ohio Hacker Charged With Utah Police Website Attacks

John Anthony Borell III of Toledo, Ohio, aka "ItsKahuna", age 21, who allegedly is part of CabinCr3w and affiliated with Anonymous, appeared in federal court in Salt Lake City today. He's been charged with computer intrusion for hacking into the Utah Police website and accessing its database. The Affidavit for the criminal Complaint, available here, says:

CabinCr3w is a defined group of individuals, two of whom use the Twitter accounts @ItsKahuna and @Anonwormer, who associate and conspire to differing levels to hack computer systems. CabinCr3w specifically targets law enforcement agencies, non-governmental organizations associated with law enforcement; and the personal lives of those who work in law enforcement related fields. While CabinCr3w is a distinct and definable group of individuals, their activities are justified by the concept of Anonymous,-and their activities are ascribed thereto.

The FBI identified Borell through his Twitter posts and messages, Facebook page, online chats and pastebin postings. The Complaint alleges he admitted on Twitter and in chats that he was responsible for the Utah hacks. [More...]

What the Twitter search warrant obtained:

On March 2,2012, Twitter provided information for the above accounts pursuant to the search warrant. Included in the search warrant return was information related to 1P addresses used by the accounts, all Twitter messages sent using the accounts, direct messages sent to and from the accounts, and basic user information for the accounts, such as the email address that created the account.

After that, a grand jury subpoena was issued to Buckeye Televisions:

a grand jury subpoena was sent to Buckeye Telesystems for several IP addresses found in the Twitter search warrant return related to ItsKahuna:

The complaint refers to two lawyers in Toledo with the name John Anthony Borell. One appears to bJohn Anthony Borel, Sr. and the other John Anothony Borel, Jr. Presumably, one is his father and the other his grandfather. John Anthony Borell, Sr. is the deputy chief of the civil division of the Lucase County Prosecutor's office. John Anthony Borell, Jr., whom I assume is his father, is in private practice.

In one of the intercepted chats, Borell III talks about the advice his lawyer-father gave him:

(19: 11 :20) I talked to my lawyer, the benefit of having a father as an attorney is i have connections
(19: 1 1 :25) he will be representing me
(1 9: 1 1 :52) He said when the FBI shows up dont tell them anything and give them his card and tell them if they need to talk they should go through him
(1 9: 12: 13) And i wont be speaking till they contact the district attorney's office and get a full grant of immunity
(19: 14:04) I told him i wont be giving up anyone
(1 9: 14:05) even if they try to charge me

Kahuna is now facing a maximum of ten years in prison. He's being represented by the Federal Defender in Utah.

The Complaint includes this Twitter admission by Kahuna:

67. On January 20,2012 at 10:58:27 PM GMT, joshloftin (another Twitter user who follows, or is followed by, ItsKahuna) sent a direct message to ItsKahuna which stated "Did you hack http://t.co/vOzi4SX? What did you display (screen grabs?) before site went down? Why. http://t.co/vOzi4SX?" http://t.co/vOzi4SX resolves to http://www.utahchiefs.org.

68. On January 21,2012 at 00:09:56 AM GMT, ItsKahuna sent a direct message to joshloftin which stated "I didnt have any screenshots it was going too fast with everythinggoing on. But yes I hacked it. Put up a megavideo logo and small message."

In another tweet, Kahuna wrote:

"Looking at the files I snagged from you SLCPD, it seems these files can out your confidential informants, You should up your security."

Other admissions in tweets and chats:

ItsKahuna: heh, I actually do networking administration and server maintenance for a living, so I fix them during the day and destroy them at night :P

..."Working On #OpPiggyBank hacking police sites with CabinCr3w lately, Ive lost count of how many at this point lulz."

He also expressed his confidence he wouldn't be caught:

ItsKahuna: haha they wont ever find me, im too awesome :)
ItsKahuna: Trust me, I wouldnt have gotten away with as much as I have if I wasnt careful enough to make sure I dont get caught
ItsKahuna: Im like the gingerbread man, no one can catch me :P

The FBI also conducted physical surveillance of Kahuna, following him when he drove away from his house. It tracked his associates through their twitter accounts and IP addresses, and conducted physical surveillance on them as well.

Kahuna told a female associate no one had a picture of him, and then he sent some to her via Imagur and told her to keep them private. The FBI of course accessed them and compared them to his drivers' license photos.

According to a pastebin posting, the FBI says Kahuna's motive was his objection to the planned introduction of a bill in Utah concerning possession of graffiti paraphernalia.

According to the FBI, it also received "tips" about Kahuna, stating Kahuna's hacking history extends to AnonymouSabu and that he knows "the inner workings" of Anonymous:

The tips stated Borell has participated in numerous government agency intrusions as well as the leaking of classified documents. Borell was active in anonqs (Anonymous operations) and has aided in the hacking of multiple individuals as well.

The tips further claimed that Borell was the lead in the Satiagraha leaks of Brazilian files and hosted them on his website, satiagrahaleaks.org, and had been in contact with Sabu (Sabu is the leader of Lulzsec, a hacking group affiliated with Anonymous). Finally, the tips stated Borell has knowledge of the group's (Anonymous) inner workings and has trusted relationships with many of the members.

Twitter and Facebook are not secure from the prying eyes of law enforcement. The message today is exercising your Miranda rights and refusing to talk to the cops is not going to save you if you've repeatedly admitted criminal conduct online to your friends and the public at large.

< Wanker: Hiatt | Good Samaritans in Denver Rescue Prominent Defense Lawyer >
  • The Online Magazine with Liberal coverage of crime-related political and injustice news

  • Contribute To TalkLeft

  • Display: Sort:
    With all the rampant bullsh*tting and... (5.00 / 1) (#1)
    by kdog on Tue Apr 17, 2012 at 11:49:53 AM EST
    embellishing on the internet, I'm surpised a tweet can be used as evidence of an admission of guilt in a court of law.  

    I hope the state has actual evidence the guy did the hack, and the twitter boasting isn't their whole case, or it should be a quick acquittal...no?  

    I hope they have more evidence too (none / 0) (#2)
    by ruffian on Tue Apr 17, 2012 at 02:32:10 PM EST
    Either way, looks like boasting about hacking a police site is a pretty bad idea, whether you actually did it or not.

    Famous last words - they'll never catch me, I'm too smart. Yeah dude, brilliant.


    I gotta admire the bravado.. (none / 0) (#3)
    by kdog on Tue Apr 17, 2012 at 03:54:09 PM EST
    of the thorns in the side of the thorns in my side though.  Bold, if not bright.  

    He can always amend it to "you'll never convict me suckas!" if the boasting is all they got on him;)