WHAT'S UP, DOX?
Hundreds of German Pols Get Hacked and a 20-Year-Old Confesses. Can That Be True?
It's one thing to get hacked by the NSA or the GRU. But security was so lax among Germany's political elite they allegedly got doxxed by a kid with a keyboard.
BERLIN — When German police officers showed up Sunday night at the family home in Hesse of a 20-year-old they later described as a “computer savvy” high school student, he had already destroyed his computer. Savvy indeed.
Still, the young man confessed to stealing and publishing personal data from hundreds of politicians from every political party—except from the far right AfD — a leak that is being described as an attack on an open and free society by lawmakers like Cem Özdemir from the Green Party, and as the overblown work of a lonely attention-seeker by people who claim to know him. Of course, both things may be true.
The young man who had been tweeting under the pseudonym @_0rbit for the past year and a half reportedly had few friends in real life but several contacts in the YouTube scene. Already in 2017, he would hack teenage YouTubers who’d achieved moderate fame and published their personal details on Twitter. He didn’t blackmail them, but sometimes asked them to chat with him. In the end, he usually gave them their account back. The YouTubers would say they’d been hacked, and this way, the online persona of @_0rbit began to build up a reputation.
Since his arrest however, Herr Orbit (whose name is withheld under German law) has gotten more attention than he probably ever bargained for. Some of the main German media outlets jumped to describe his doxxing of up to 1,000 politicians and public figures as a “Mega-Hack,” or even (incorrectly) “the biggest hack-attack in German history.”
In fact, the incident has illuminated a generational disconnect: while several YouTube kids had chortled on Twitter that @_0rbit would never be caught (it took the police 48 hours), @_0rbit’s doxxing also has provided German politicians with some lessons about internet security. It’s one thing to discover through Edward Snowden’s whistleblowing that the American intelligence services hacked Chancellor Angela Merkel’s cell phone or the Russian GRU is mounting a campaign of leaks and disinformation, and quite something else to discover it’s a kid with a keyboard.
Over the Christmas holidays in the style of an Advent calendar, @_0rbit began to release information every day targeting the famous people whose “public statements” had “annoyed” him, according to investigators. But most of this data—pictures of the two young sons of comedian Jan Böhmermann, for instance—had been online already. In was only in the last days before Christmas that @_0rbit moved on to politicians. He hacked around eight to 10 of their accounts and then used those to get the private mobile numbers and email addresses of others. In the case of Green Party leader Robert Habeck, @_0rbit published personal chats between Habeck and his wife and sons.
And yet, the police only discovered the data theft last Thursday, after people began to ring up Martin Schulz, the German Social Democratic Party’s 2017 candidate for chancellor, on his private mobile number. One 19-year old IT trainee from Schleswig-Holstein texted Schulz on WhatsApp to alert him that his number was live on Twitter and: “You should change it, best wishes and so on.” Schulz texted back to thank the young man and told him graciously but vaguely: “If the opportunity arises for me to return the favor then I will.”
At a press conference Tuesday afternoon in Berlin, Interior Minister Horst Seehofer announced that an “early warning system” to prevent and recognize these kinds of attacks would be set up and that more cyber-security experts would be recruited to the workforce.
Luca Hammer, a data analyst based in North-Rhine-Westphalia, told The Daily Beast that he doesn’t think government authorities can be responsible for politicians who “fail to secure their private accounts.”
Still, authorities might encourage a bit more common sense. Seehofer noted that some of the passwords on accounts @_0rbit hacked were very “simple,” like “1,2,3” or “ILoveYou.”
According to the police, the 20-year-old behind the @_0rbit account said he was acting alone and did not have a political motive.
One 19-year-old YouTuber called Tomasz Niemiec has claimed that he has had virtual contact with @_0rbit for several years. Niemiec told Süddeutsche Zeitung that the suspect had been acting mainly for attention, but was also “not exactly to the left” politically.
Another 19-year-old IT programmer called Jan Schürlein, whose apartment was also raided on Sunday, posted on Twitter Wednesday that he had asked 0rbit via chat “why are you leaking shit from other parties but not from the AfD?” The latter allegedly replied, “Oh, they are not that bad.”
One of the few Twitter accounts that @_0rbit followed was that of the hate blog anonymousnews.ru, which is allegedly run by a former German banker who used to sell guns illegally as “defense weapons” against anti-fascists and refugees. And now, while @_0rbit doesn’t seem to have been connected to any extremist networks and even though his account has been deleted, some of the politicians’ private data has already spread through to the right-wing twittersphere.
“It was one guy who had too much time on his hands so he hacked some people and nobody noticed,” is how Luca Hammer describes it. Indeed, @_0rbit came to the attention of the general public last Thursday, not after some people phoned up Martin Schulz, but after he hijacked the Twitter account of the popular German YouTuber Simon Unge to re-publish his data collection. Unlike the kid in Hesse, Unge is a vegan gamer with 2 million followers.
Nils Ahr, a 16-year-old from the YouTube scene who has had contact with both Schürlein and Niemiec tells us that, in his eyes, @_0rbit “wanted to harm politicians and public figures” and that “it is remarkable what a 20-year-old without any IT education can create at his own will.” But whatever @_0rbit has created, it is not really what the tabloid BILD has been calling the “biggest hacker attack in German history.” Maybe just the most embarrassing.