Hacker and FBI informant Sabu, aka Hector Monsegur, linked to cyberattacks abroad

Sabu.


Sabu.

From the NYT: "An informant working for the F.B.I. coordinated a 2012 campaign of hundreds of cyberattacks on foreign websites, including some operated by the governments of Iran, Syria, Brazil and Pakistan, according to documents and interviews with people involved in the attacks." The informant was Sabu; his helper Jeremy Hammond.

LulzSec's Jake "Topiary" Davis interviewed

How did he get caught? "VPN provider ratted me out." [ask.fm]

How Anonymous broke its own rules to break free

Before the summer of 2011, Anonymous was an amorphous collective of hackers and pranksters ready to pour cold water on members’ nascent political aspirations. By 2012, a growing antiauthority, anticensorship, anti-surveillance sentiment asserted itself, and everything changed.

Read the rest

LulzSec members plead guilty

Two LulzSec members, Ryan Cleary and Jake Davis, pleaded guilty to conspiracy on Monday. Two other defendants will go to trial in April. [NYT] Previously.

FBI's LulzSec informant Sabu: "Party boy of the projects"

The New York Times has a colorful profile piece out on Hector Xavier Monsegur, who agreed to serve as an FBI informant in the LulzSec/Anonymous sting in hopes of reducing possible prison sentence of more than a hundred years.

Anonymous rocked by revelation that top LulzSec hacker was FBI snitch

Quinn Norton has an excellent piece over at Wired:Threat Level on the reactions within "Anonymous" to the news that LulzSec frontman "Sabu" (photo above) was collaborating with the FBI. Kim Zetter's take on the arrests and secret plea deals is here.

LulzSec frontman Sabu was FBI informant, fed Stratfor docs to Wikileaks from an FBI-owned computer

The Guardian has more on the big hacking news which Fox News broke yesterday (as noted in a post by Rob). "Sabu," the trash-talking, self-appointed leader of LulzSec, has been working for the FBI for the last six months. The FBI says he helped the US and various European governments identify and arrest five alleged LulzSec members charged with participating in defacement, DDOSing, and "doxing" against high-profile government and corporate targets. Sabu (above) is, in now identified as Hector Xavier Monsegur, a 28-year-old unemployed Puerto Rican guy living in New York, and a father of two. He was charged with 12 criminal counts of conspiracy to engage in "computer hacking and other crimes" last year, pled guilty in August, 2011, then "snitched" on his LulzSec friends.

Here's the FBI news release, which notably omits the names of any prosecutors (perhaps for fear of Anonymous attack).

Snip from Guardian story:

His online "hacker" activity continued until very recently, with a tweet sent by him in the last 24 hours saying: "The feds at this moment are scouring our lives without warrants. Without judges approval. This needs to change. Asap."

In a US court document, the FBI's informant – there described as CW – "acting under the direction of the FBI" helped facilitate the publication of what was thought to be an embarrassing leak of conference call between the FBI and the UK's Serious and Organised Crime Agency in February. Officers from both sides of the Atlantic were heard discussing the progress of various hacking investigations in the call.

A second document shows that Monsegur – styled this time as CW-1 – provided an FBI-owned computer to facilitate the release of 5m emails taken from US security consultancy Stratfor and which are now being published by WikiLeaks. That suggests the FBI may have had an inside track on discussions between Julian Assange of WikiLeaks, and Anonymous, another hacking group, about the leaking of thousands of confidential emails and documents.

The indictments mark the most significant strike by law enforcement officials against the amateur hacker groups that have sprung out of Anonymous. These groups, which include LulzSec, have cost businesses millions of pounds and exposed the credit card details and passwords of nearly 1 million people.

Read the rest

Report: LulzSec members arrested

Fox News' Jana Winter reports that LulzSec's Sabu was caught and turned by the authorities last June and has been working with them since. Other members of the group were arrested today as a result, she writes; details will be unsealed today in district court. The name given, Hector Xavier Monsegur, would confirm earlier outings and doxings from the same period. Last June saw the group publicly suspend operations, if you'll recall, and suffer its earliest arrests.

Nuanced view of the once and future Anonymous

Biella Coleman and Michael Ralph write a long, nuanced rebuttal of Joseph Menn's recent FT article on Anonymous. Coleman, an academic who has done some fabulous work studying hackers, Anonymous and other 21st century anthropological phenomena, is the person I trust most to produce clear accounts of Anon, 4chan, and related subjects.

These hacks may also, as Menn notes, have unintended and far reaching consequences for all of us. As Menn notes, "Even some supporters worry that if the group continues on its current path, it could trigger a legislative backlash that would bring heightened monitoring at the expense of the privacy that Anonymous prizes." Still, it is crucial that we consider the broader historical perspective. This sort of "legislative backlash" has been in the works at least since 2001, with the Patriot Act, spurred by the terrorist attacks against the Twin Towers. And since that time, there have been many attempts to legislate acts that curtail privacy in the stipulated attempt to make the nation more secure. These legal developments have clearly not simply been instituted in the last year in response to hacks. No doubt, the hacking actions of Anonymous can be used to move legislative proposals into law more rapidly, but portrayals of nefarious hacker criminals also inflames fears about privacy that are long on emotion and short on substance.

Anon hackers are "criminals" in so far as any hacker has inevitably broken a host of laws; some individuals involved may also have a criminal history. And yet most hackers either implicitly or explicitly have critiques of the laws they are willing to transgress. Thus, the analyst must provide some account of the way that a given law can be conceived as either fulfilling or failing to fulfill the dual investment in freedom and security that defines life in the US polity at any given juncture and why hackers seek to trouble this distinction.

To make matters even more complicated, the work of some of the hackers in Anonymous includes modes of duplicity that some Anons self-consciously deploy; in transgressive hacker circles, these tactics include social engineering: the practice of duping humans for the purposes of gaining information or for spreading misinformation. Used by Anons, to various degrees, offensively and defensively, these forms of subterfuge raise a host of important questions about how to research, represent, and grapple with the significance of the politics of hacking, especially where a clandestine operation like Anonymous is concerned.

(Thanks, Biella!)

(Image: Anonymous Declaration of IndepenDance. Wallpaper (3923x4656), a Creative Commons Attribution (2.0) image from thinkanonymous's photostream)

Teenager said to be LulzSec's Topiary bailed


Photo: Tim Bradshaw of the Financial Times. Jake Davis, the 18-year-old Briton accused by police of being Lulz Security spokestweeter Topiary, is out on bail. Paul Sawers writes:

The suspected LulzSec member is accused of coordinating Anonymous and LulzSec attacks from his home in Yell, on the Shetland Islands. His laptop was examined and it apparently showed that he wrote a fake article claiming that Rupert Murdoch was dead, and such an article appeared on the Sun’s website recently when its own system was hacked. The hearing today also revealed that Davis’s computer had 750,000 people’s personal details, including private log-in information.
Source [TNW]