Guccifer – a hacker who likes to pick on famous, powerful people – is once again poking at former US Secretary of State Colin Powell.
Powell, who had his email breached when Guccifer doxed ex-president George Bush and his Facebook page subsequently defaced, is now denying Guccifer-spawned allegations of an affair with Corina Cretu, a Romanian politician and journalist.
Guccifer in March took over Powell’s Facebook page and posted images he had weaseled out of the Bush family in February.
Those photos included some taken at the Bohemian Club, a top-secret meeting of the world’s male kingpins, along with a self-portrait of George W. Bush in the shower.
This time around, Guccifer reportedly hacked Cretu’s email account to get at Powell.
According to Infosecurity Magazine, Powell emailed Cretu on 31 July to tell her that by hacking email addresses out of former President Bush’s account, Guccifer is “driving everyone here crazy”:
"The hacker gets addresses from my contact list which he got when he hacked into President Bush's account. Our security people have been chasing him for months. He may have lots of your emails, maybe not, so best to delete all between us."
Alas, that advice appears to have been, as the saying goes, a day late and a dollar short.
Guccifer was apparently already in Cretu’s account.
The hacker reportedly posted tenderly yearning email messages from the Romanian politician to Powell on a Google Drive file, then publicised the drive on the Facebook account of a retired general who’s also a Facebook friend of Powell’s.
Guccifer also exposed the material directly to Powell’s Facebook followers by posting a message on Powell’s wall with a link to the Google Drive page, according to The Smoking Gun.
Guccifer also posted Cretu’s email to Cryptome – an online library of documents to do with cryptography, spying, surveillance and freedom of speech.
In a statement to The Smoking Gun, Powell said there’s no fire beneath the smoke of the flirty emails:
Over time the emails became of a very personal nature, but did not result in an affair. Those type of emails ended a few years ago. There was no affair then and there is not one now.
Was Ms. Cretu sloppy with her computer security? Perhaps she chose an easy-to-guess password, say?
Maybe she typed out those yearning emails to Colin Powell after having signed in to her email account using a head-bangingly silly password, such as the name of a pet?
It’s a crime to hack people’s accounts. Cretu was victimized, and so was Powell, and all else who get doxed in this manner.
One hates to blame the victim.
Oh, wait, scratch that! This is info security! The victim is often blamed!
Ms. Cretu, if you did, in fact, have an easy-to-guess password, I hope that in the aftermath of this incident that you start boning up on how to create one that’s a bit harder to guess.
It might not be your fault, morally speaking, if your password was hacked, but there’s no reason to make it easy as pie for troublemakers like Guccifer to get at your personal data.Follow @NakedSecurity