A 22-Year Old German Hacker Was Caught After Hijacking the Email Accounts of Politicians

22-Year Old Hacker Caught After Leaking Politicians' Data

Quite a few people tend to think that hiding behind an online moniker frees them to do whatever they want. A 22-year old man from Germany can testify that this is not really the case. His name is Johannes S., but many people are more familiar with what are supposedly his online nicknames – '0rbit' and 'G0d.' In late 2018, he grabbed some headlines after he allegedly leaked the personal information of hundreds of politicians and famous people in his home country, but soon, he might be paying the price.

2018's data advent calendar might come back to haunt its creator

During the last months of 2018, 0rbit started using his Twitter account to leak some private data that he had obtained. The targets were seemingly picked at random, and the amount of attention he was receiving wasn't huge. In December of that year, however, the hacker set his sights on German politicians, and he immediately grew to fame. 0rbit organized an advent-calendar-style leak and posted daily tweets that contained links to the private data of some of the world's most powerful political figures.

The leak affected members of all but one of the active German political parties at the time, and the list of victims included none other than Chancellor Angela Merkel. People immediately began to speculate on who might be responsible, and inevitably, some fingers were pointed at state-sponsored hacking groups from Russia. An investigation, however, led the police to Johannes S., a computer geek from the small town of Homberg (Ohm), who was just 20 at the time. He was arrested in January 2019, and he confessed to stealing and distributing vast amounts of personal data. Spiegel (link in German) now says that the General Prosecutor's Office in Frankfurt am Main is ready with the indictment, which means that the young man should face court very soon.

What is the motive behind 0rbit's leak?

It was a massive incident involving high-profile targets. For many people, Johannes S. might seem like an unlikely perpetrator not just because the sensitive nature of the information suggests that there was plenty of skill involved, but also because 20-year-olds are usually too preoccupied with other things to think about discrediting politicians. Johannes, however, is allegedly a bit different.

When asked about why he did it, he apparently said that he was annoyed with his targets and that the leak was a way of showing his displeasure with them. The lack of right-wing politicians among his list of targets also suggests that political beliefs might just be the driving force behind the hack. According to the prosecutor's charges, however, there is another motive. Johannes allegedly got in touch with six Members of Parliament and asked for €900 (just under $1,000) in exchange for not including their data in the leak.

How did 0rbit get access to that much personal information?

The court's order should give us an idea about the main motive behind 0rbit's December 2018 leak spree. What will probably remain unknown is how 0rbit got his hands on such a massive trove of personal information.

The publicly available details around the incident are somewhat inconsistent in that respect. On the one hand, reports say that he abused the password reset features on his targets' personal email accounts. According to some, however, he also used an online service that gave paying customers access to a massive dump of compromised information.

The name of the said service is not named, but the reports do point out that it was closed by US authorities in January 2020, which makes us believe that it's very likely to be WeLeakInfo.com. Before it was seized by the FBI, the website hosted hundreds of databases leaked during various data breaches, and paying cybercriminals were offered the chance to download terabytes of personal information.

It wouldn't be in the least bit surprising if it turns out that services like WeLeakInfo have data on top-tier political figures. After all, politicians also use the internet, and their data can also be compromised. Unfortunately, if a breach affects Ms. Merkel and her colleagues, the consequences could be much more serious.

May 28, 2020

Leave a Reply