Security

Dastardly Hacker Blamed for Campaign Typo

Charlotte, North Carolina, mayor Pat McCrory announced his candidacy for state governor yesterday in a press release e-mailed by his campaign. The letterhead graphic in the announcement, though, looked like this. A typo by a harried Photoshop wage slave? You’d think. But when a reporter asked McCrory’s staff about it, they revealed that an evil […]

Charlotte, North Carolina, mayor Pat McCrory announced his candidacy for state governor yesterday in a press release e-mailed by his campaign. The letterhead graphic in the announcement, though, looked like this.

Pat McCrory -- Governer

A typo by a harried Photoshop wage slave? You'd think. But when a reporter asked McCrory's staff about it, they revealed that an evil hacker had broken into their computers and inserted the misspelling to sabotage the campaign. In the computer security world, this is known as a Cross-Vowel Substitution Attack (CVSA), and it's more common than you'd think. It's to blame for every single misspelling you've seen on THREAT LEVEL, as well as Kravets' occasional references to Linux "filing systems."

From the News & Observer:

"There's no way this was misspelled," said Victoria Smith, McCrory's campaign manager. She said a hacker had accessed the campaign's computer to alter the word. Smith said someone has been hacking McCrory's mayoral Web site for six months, though the campaign had not contacted authorities.

Then, a campaign spokeswoman, who was with McCrory as he announced his candidacy in Jamestown, said there was no hacker after all -- that an overworked graphic designer had simply made a mistake when designing the logo.

That was not the end.

Smith, reached by phone, insisted the spokeswoman was wrong. The errant spelling -- which had been fixed even as the e-mail sat in reporters' computers -- was indeed the work of a hacker. She said the hacker must have re-hacked the campaign to fix the error.

Eventually, the would-be "governer" straightened things out himself, and told reporters the campaign's graphics designer had simply spelled the word wrong.

You have to wonder how far this would have gone. I think the FBI would have been obliged to launch an investigation, rousting hacker suspects out of bed one-by-one until they found some high school kid who once spelled "sailor" with an E in a term paper, and he'd be off to Nellis for an 18-24 month stretch.

(Hat tip: ISN)