Arrests Made in LulzSec / Anonymous Cases

Posted on 6 March 2012 by

3


Fox News is reporting that after Hector Xavier Monsegur, AKA Sabu AKA @AnonymousSabu, a computer hacker associated with the criminal hacking groups Anonymous and LulzSec, was confronted with charges which would likely lead to two years in prison, he became a cooperating witness for the FBI. That, Fox reports separately, led to a number of arrests of members of the groups.

As we were not involved in the arrests and are not journalists, we’ll wait until we can read reports and speak with investigators before we have anything to say about that. You can hear me discussing the issue, and lessons learned, on NPR’s Marketplace.

In the meantime, the website Gizmodo has some interesting analysis of the arrest, and of Sabu himself, which is worth reading – if only to see how another hacker claims to have hipped himself to Sabu’s cooperation through some textbook counter-intel comprising observational skills, listening carefully to what was being said, observing a lapse in Sabu’s online presence and a change in his behavior on his return.

UPDATE: On 16 August 2011, in a conversation with another hacker in a chat session, Sabu was accused of working with the FBI in a fairly prophetic exchange:

Virus (11:02:59 PM): I’m absolutely positive, you already got raided, and are setting your friends up and when they’re done draining you for information and arrests they’ll sentence you and it’ll make nose

Sabu (11:03:41 PM): if you knew me at all

Sabu (11:03:49 PM): you’d know that if I were raided

Sabu (11:03:54 PM): I’d take myself down if anything

Sabu (11:03:57 PM): I’m the martyr type

Sabu (11:04:01 PM): I grew up in the streets

Virus (11:04:02 PM): it’s a hunch, I’m always right

Sabu (11:04:08 PM): this time you’re wrong

Sabu (11:04:36 PM): I rather go down for my own shit than take down my own niggas

Sabu (11:04:38 PM): which is funny

Sabu (11:04:39 PM): and ironic

Virus (11:04:43 PM): if you think I’m an NYPD informant because I got offended by your inane accusation, then go ahead, believe what you want. I really don’t give a rats ass.

Sabu (11:04:51 PM): because my boys that were arrested in uk are probably singing tunes beautifully

Sabu (11:05:06 PM): and I clearly don’t give a fuck

Sabu (11:05:09 PM): because no ones getting me

Virus (11:05:12 PM): I’m pretty sure they are, for the sake of their futures

Virus (11:05:13 PM): most do

Virus (11:05:18 PM): especially since they’re of age

Virus (11:05:32 PM): you were already “got”

Virus (11:05:39 PM): it’s obvious you’re singing like a birdy

Sabu (11:05:48 PM): heh

Sabu (11:05:54 PM): you’re getting really tiring with that

Sabu (11:06:09 PM): I never gave you any reason to think that. andi ts funny when people are guilty of something

What we will say is that the barrier to entry for imitators and at-large members of these groups to research, surveil and carry out attacks against cyber targets remains unacceptably low. While this may be the end or a serious blow to the LulzSec crowd, groups of hackers intent on causing damage pre-date and will certainly post-date these events. Don’t bet that attacks will stop, and from what Dave and I have seen in visits to agencies around the country, we sadly would not bet that administrators will learn the lessons of past hacks anytime soon.

At the RSA Security Conference in San Francisco last week, I met with several industry wags who were discussing the Anonymous phenomenon, and one said, “Anonymous is a mirror to our own neglect.” I reject the concept not because I disagree that hacks such as the ones Anonymous was involved with highlight neglect on the part of those hacked – they do – but rather because I believe that a mirror is objective.

I’d much prefer to state that Anonymous is a funhouse mirror of our own neglect: certain aspects of it will be distorted beyond recognition, blown out of all reasonable proportion. And if you’re particularly sensitive about whether your butt looks big (or whether your inputs aren’t sanitized), you’re likely to get offended looking too closely.

Read court papers:

Ackroyd et al Indictment

Hector Xaview Monsegur indictment

Jeremy Hammond indictment

Donncha Cearrbhail complaint