LulzSec hacker Sabu leads FBI to others, arrests
This post has been corrected. See the note at the bottom for details.
It took one simple mistake for Hector Xavier Monsegur, a hacker who goes by the name Sabu, to get caught by the FBI. On Tuesday, the world found out that Monsegur’s mistake is sending ripples through the hacking community and into high-profile groups such as LulzSec, AntiSec and Anonymous.
Six alleged hackers from those three prominent collectives have been charged in New York for executing a series of online attacks against the likes of Sony, Fox, PBS, Bethesda Softworks, the Central Intelligence Agency and a number of financial institutions such as Visa, MasterCard and PayPal.
According to an indictment filed in a U.S. District Court in New York against the men, the group broke into computer networks, deleted data, and stole confidential and personal information belonging to more than 800,000 people.
Aside from Monsegur, the five others charged with various hacking crimes are Ryan Ackroyd, who allegedly went by the aliases Kayla and Lolspoon; Jake Davis, who allegedly is known as Topiary; Darren Martyn, who allegedly went by the name Rapesauce; Donncha O’Cearrbhail, who allegedly hacked under the handle Palladium; and Jeremy Hammond, who allegedly hacked under the name Anarchaos, the FBI said.
The arrests came after Monsegur, 28, logged into a chat room with other hacker buddies and mistakenly didn’t cover his computer’s Internet protocol address, according to a report from Fox News, which first reported the indictments.
With that lapse, FBI investigators had the information they needed to identify what computer Monsegur was using and eventually where he lived and who he was, Fox News said.
The FBI approached Monsegur and persuaded him to turn on his fellow hackers, threatening jail time that he sorely wanted to avoid because the New Yorker is the guardian of two young children, the Fox report said.
On Aug. 15, 2011, Monsegur pleaded guilty to 12 counts of “computer hacking conspiracies and other crimes,” the FBI said. After that, investigators gave Monsegur a government-issued laptop that would allow them to track what he did online, which included successful online attacks and information the fed says lead them to the five others named in the indictment, the report said.
Federal investigators had been following Monsegur and other hackers who fall in and out of hacking groups such as Anonymous and LulzSec, which have no official hierarchy or permanent leaders, since 2008, the indictment said.
The FBI accuses the six of taking part in online attacks against credit card companies and the online payments service PayPal in 2010 and 2011 that were lobbed as punishment for the financial companies’ refusal to accept donations to the whistle-blower website Wikileaks, which at that time had published millions of pages of confidential government documents from the U.S. and its allies.
The indictment describes the men as “elite computer hackers” that defaced websites and launched “malicious cyber assaults on the websites and computer systems of various business and government entities in the United States and throughout the world.”
After pulling off a cyber-attack, the six men and other hackers would often brag about their exploits online using social networks such as Twitter, the indictment said.
Sometimes the motivation for the attacks were simply for the “lulz,” the indictment said, stating that “ ‘lulz’ is Internet slang which can be interpreted as ‘laughs,’ ‘humor,’ or ‘amusement,’ ” the indictment said.
For the record, 6:45 p.m. March 6: A previous version of this post misspelled Donncha O’Cearrbhail’s last name as O’Cearrbhall.
ALSO:
Alleged LulzSec hacker arrested for Sony Pictures attack
Sony: 93,000 PlayStation, Online Entertainment accounts hacked
China-based hackers reportedly targeted U.S. Chamber of Commerce
