FBI agents served a search warrant Sunday at the apartment of a college student whom Internet sleuths last week had named as the hacker who accessed US Republican vice presidential candidate Sarah Palin's e-mail account, a local television station reported.
But the man who runs the proxy service used to mask the hacker's identity said that the IP address he's traced "doesn't look consistent" with reports in the media that have focused on David Kernell.
According to a report by WBIR, Knoxville's NBC affiliate, agents served the warrant early Sunday at the residence of Kernell, 20. He is the son of Mike Kernell, a Democratic state legislator.
A witness told WBIR that the agents arrived at The Commons of Knoxville early Sunday, and spent about one-and-a-half to two hours searching Kernell's apartment. The witness also said that Kernell's roommates were subpoenaed and must testify this week.
Kernell, a student at the University of Tennessee-Knoxville, was linked to the hack of Palin's account on blogs and message boards after someone identified only as "rubico" posted a message on a popular board claiming to have accessed Palin's account by using Yahoo's password reset feature. Others subsequently connected the rubico handle to the e-mail address "email@example.com," which was in turn linked to Kernell through Internet searches that uncovered connections between him, the username and the e-mail address on such sites as YouTube.
Last week, Kernell's father confirmed that his son was the person being named on blogs and boards in connection with the Palin hack.
The US Department of Justice also confirmed there has been "investigatory activity" in Knoxville regarding the Palin case, said the WBIR report. No charges, however, have been filed, and the warrant was not publicly available, the DOJ spokeswoman told the television station.
A search conducted Sunday by Computerworld on the US federal court system's electronic database revealed no complaints or warrants issued against Kernell.
And Gabriel Ramuglia, the webmaster of Ctunnel, a proxy service used by the hacker, said Sunday that he wasn't sure the FBI was investigating the right man.
At the FBI's request, Ramuglia had searched the Ctunnel logs for evidence of the Palin account hack. He reported his findings to the agency Saturday.
On Sunday, he confirmed he had identified the IP address used by the person who broke into the Palin account. "It seems that the user in question did access the account using Ctunnel," Ramuglia said, "and I have the IP address of that user."