LulzSec Leader Sabu Was Working For Us, Says FBI

LulzSec leader Sabu was working for us, says FBI (Guardian, Mar 7, 2012):

Hacker – real name Hector Xavier Monsegur – helped US authorities bring charges against five others

The world’s most notorious computer hacker has been working as an informer for the FBI for at least the last six months, it emerged on Tuesday, providing information that has helped contribute to the charging of five others, including two Britons, for computer hacking offences.

Hector Xavier Monsegur, an unemployed 28-year-old Puerto Rican living in New York, was unmasked as “Sabu”, the leader of the LulzSec hacking group that has been behind a wave of cyber raids against American corporations including Rupert Murdoch’s News Corporation, the intelligence consultancy Stratfor, British and American law enforcement bodies, and the Irish political party Fine Gael.

It was revealed that he had been charged with 12 criminal counts of conspiracy to engage in computer hacking and other crimes last summer, crimes which carry a maximum sentence of 124 years and six months in prison. According to indictments filed in a Manhattan federal court, he secretly pleaded guilty on 15 August last year.

Despite that, Sabu carried on with his aggressive online persona as the LulzSec “leader”, with the father of two going so far as to deny online – the day after his secret guilty plea – that he had “snitched” on his friends.

His online “hacker” activity continued until very recently, with a tweet sent by him in the last 24 hours saying: “The feds at this moment are scouring our lives without warrants. Without judges approval. This needs to change. Asap.”

In a US court document, the FBI’s informant – there described as CW – “acting under the direction of the FBI” helped facilitate the publication of what was thought to be an embarrassing leak of conference call between the FBI and the UK’s Serious and Organised Crime Agency in February.

Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.

A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.

The indictments mark the most significant strike by law enforcement officials against the amateur hacker groups that have sprung out of Anonymous. These groups, which include LulzSec, have cost businesses millions of pounds and exposed the credit card details and passwords of nearly 1 million people.

An FBI official told Fox News, which broke the story: “This is devastating to the organisation … we’re chopping off the head of LulzSec.”

But Graham Cluley, a consultant with the security company Sophos, warned news of the arrests, and of Monsegur’s betrayal, could trigger a wave of fresh attacks by furious hackers.

“There are plenty of Anonymous sympathisers out there who will continue to steal information and pass it to Anonymous and WikiLeaks. LulzSec were more sophisticated than most, knew more about computer hacking. But that doesn’t mean that there aren’t others out there with those skills too.”

The five charged by US authorities on Tuesday – two in the UK, two in Ireland and one in Chicago – amounted to a sweep of names who are alleged to have carried out all of the most public hacking attacks in the past year.

One of the people named in the indictment, Jake Davis, already faces a number of charges in the UK relating to alleged hacking by LulzSec. Davis, of Lerwick, Shetland, was on Tuesday charged in the US with two counts of computer hacking conspiracy.

Ryan Ackroyd – a 25-year-old from Doncaster who is said to have used the names “kayla”, “lol” and “lolspoon” – was also charged on two counts of alleged computer hacking conspiracy. A statement from the US Attorney’s office in New York said that Ackroyd was being interviewed on Tuesday by the Metropolitan police. Each count of computer hacking conspiracy carries a sentence of up to 10 years in jail.

Scotland Yard is also running parallel inquiries. One inquiry involves Ackroyd, Jake Davis, and two other people including a 17-year-old boy in connection with their alleged activities within LulzSec.

Ackroyd was charged in the UK on Tuesday night with two counts of conspiracy to “do an unauthorised act with intent to impair or with recklessness impairing of an operation of a computer”, police said.

The 17-year-old boy has been charged with two computer conspiracy offences. It is understood that it is unlikely anyone would be extradited before UK trials had concluded.

Four people have now been charged by Scotland Yard in connection with hacking into a number of websites including that of the Serious Organised Crime Agency.

LulzSec was a hacker “crew” of about 10 people whose infamous run began with an attack in May 2011 on the Fox.com site, and then on the US X-Factor competition for which they released passwords and profiles of 73,000 contestants. It quickly escalated to an attack against Sony Pictures, followed by a security company and a number of online games companies.

But their downfall came after they hacked into InfraGard, a non-profit organisation affiliated with the FBI, and then attacked the websites of the CIA, the US Congress and the UK’s Serious Organised Crime Agency.

LulzSec’s existing members began to worry about government retribution. Although they hacked into the News International systems on 18 July, changing the front page of The Sun’s website, the police and other hackers were on their tail. One called The Jester – believed to be a former member of the US military – who normally attacks jihadist websites, suggested on 24 June that Sabu was an IT consultant based in New York.

The two Irish individuals charged are Darren Martyn, 25, of Galway, Ireland, on two charges of computer hacking conspiracy, Donncha O’Cearrbhail, 19, of Birr, Ireland, on one charge of computer hacking conspiracy and one charge of unlawfully intercepted wire communication, which carries a sentence of up to five years. O’Cearrbhail was arrested by Irish police on Tuesday.

The fifth person charged is Jeremy Hammond, 27, of Chicago, US, who was arrested and charged on Monday for alleged offences relating to the December 2011 hacking of global intelligence firm Strategic Forecasting. He is charged with one count of computer hacking conspiracy, one count of computer hacking, and one count of conspiracy to commit access device fraud.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.