A former Senate IT intern pleaded guilty last week to stealing the personal information of five US senators and posting the data online in a tactic known as doxing.
The former intern, Jackson Cosko, 27, of Washington, D.C., posted the stolen personal data online during the September 27 Senate Judiciary Committee hearings of Supreme Court nominee Brett Kavanaugh, the infamous hearing when judge Kavanaugh faced Dr. Christine Blasey Ford about allegations of sexual assault.
Data like home addresses, personal cell phone numbers, and office numbers were posted on the Wikipedia pages of Republican senators Mike Lee (R-Utah), Lindsey Graham (R-South Carolina), and Orin Hatch (R-Utah), all three members of the Senate Judiciary Committee that was interviewing judge Kavanaugh at the time. The data was posted live, during the Senate hearing.
Details for two other senators --Mitch McConnell (R-Kentucky) and Rand Paul (R-Kentucky)--were later posted on their Wikipedia pages and on Twitter.
Besides posting personal information on these senators' Wikipedia pages, he also defaced some by leaving cryptic or non-sensical messages.
Cosko arrested after being caught in the act
Capitol Police were notified of the doxing; however, the investigation didn't go anywhere until October 2, the next week, when two witnesses came forward.
The two, both working in the office of Senator Maggie Hassan (D-New Hampshire) said they spotted and confronted Cosko about breaking into their senator's office on several ocassions, including that day, where they found him using one of the password-protected computers.
Cosko, who served as an IT systems administrator for Hassan's office until May 2018, when he was fired, is believed to have used his previous access to the computers to install keyloggers that logged credentials.
With this revelation in hand, investigators later traced the doxings back to the IP addresses used by Cosko, and the MAC addresses of his devices.
At the time, Cosko was working on an another intern position for Rep. Sheila Jackson Lee (D-Texas). He was fired following his arrest.
Cosko also threatened witnesses
According to court documents obtained by ZDNet, Cosko obtained the personal data of the senators he doxed after gaining illegal access to Hassan's office computers multiple times between July 2018 and October 2018.
In his plea deal, Cosko also admitted that he tried to hide some of the evidence of his illegal access, and also threatened one of the witnesses.
"I own EVERYTHING," Cosko wrote in an email he sent to one of the witnesses. "If you tell anyone I will leak it all. Emails signal conversations gmails. Senators children's health information and socials."
Cosko will be sentenced on June 13. He faces up to 57 months in prison.
Related malware and cybercrime coverage:
- Cybercrime market selling full digital fingerprints of over 60,000 users
- Reveton ransomware distributor sentenced to six years in prison in the UK
- IoT botnet targeting your enterprise? Nope. Just a kid with an ExploitDB account
- Security researchers discover iOS version of Exodus Android spyware
- Cybercrime group FIN6 evolves from POS malware to ransomware
- Hacker group has been hijacking DNS traffic on D-Link routers for three months
- How the United Nations helps fight global cybercrime TechRepublic
- Apple removed popular app that was secretly stealing your browser history CNET