By Patrick Gower
So the Murray McCully hacker, self-described Russian 'Yuri Petrov' is now claiming he's just a normal old Kiwi bloke.
After my investigation of the "comrades" website last night that found it was a clumsy attempt to act like a Russian hacker, 'Yuri' got in touch.
Turns out he's now claiming he's a bit of a sideline hacker who got a hold of a handful of McCully's emails off the Anonymous group.
Crumbs off someone else's table, I believe it's called.
I'll come back to 'Yuri' later.
Anyway ‘Yuri's a Kiwi’ fits with the Government Communications Security Bureau (GCSB) assessment that it was Anonymous.
And it fits with this statement from Anonymous given to Vernon Small:
Leader of the Auckland Anonymous Cell, "Mr-Infinite", said: "this GCSB report finding is acceptable to Anonymous. The fact that our nation's top supah sekrit spais cannot identify who kiddy-scripted their way into Mr McCully's emails is evidence that all your base are belong to us. We are grateful to the Minister of Foreign Affairs for using a public domain email provider as part of his job. Mr McCully is a world leader in this regard and we value his contribution in the struggle for freedom of information and in maintaining the accountability of elected representatives."
It's worth remembering the breach came at about the time Anonymous threatened to attack the Parliament website in protest of the copyright law.
And when Vernon first reported the story he noted "there was some discussion inside the Anonymous network about the email breach at the time".
It seems this discussion may have been picked up by our GCSB - who are clearly monitoring Anonymous.
Anyway, back to 'Yuri' - this is what he told me last night after reading my blog:
“Allow me to fill you in Patrick”.
“My name is not Yuri Petrov. I am not Russian - although I know the language. I do not live in Moscow - but it was beautiful when I last went.
“Yes, Anonymous were the ‘perpetrators’ of the email ‘hack’
“But this then leads to the question at hand: Who the hell is Yuri Petrov? Why did he claim he did it?
“Me? I'm an avid infosec guy, an average guy - someone whom you'd usually not think of speaking to on a daily basis.
“Yes, I can confirm the mysterious 'Yuri Petrov' lives in New Zealand.
“My sincerest apologies for messing you around, it was just for fun,” he wrote.
And it seems as if the handful of McCully emails ‘Yuri’ had was all he was given.
Yuri: “Well to be honest, I had to ask around a bit to find these ones and the person - who wishes to remain nameless - didn't give me any more.
“But yeah, those ones were actually from the hack - or so I'm told,” 'Yuri' says.
So who knows how much of this is true. But it seems a likely explanation.
All this of course is a distraction from the real story: that McCully's system of forwarding emails to his private account meant the emails were able to be hacked.
And most importantly: what information is still out there in cyberspace - and where will it turn up?