Feeds

Feds arrest 16 in Anonymous hack probe

PayPal avenged for 'Operation Avenge Assange'

Providing a secure and efficient Helpdesk

Federal officials arrested 16 people accused of carrying out computer crimes that damaged or breached protected systems, including a December attack organized by the Anonymous hacker collective on PayPal that caused numerous service disruptions.

Fourteen suspects from 10 states were accused of participating in “Operation Avenge Assange,” which sought to punish the eBay-owned payment service for suspending an account belonging to whistle-blower website WikiLeaks. Using a tool known as the Low Orbit Ion Cannon and distributed by Anonymous members, they allegedly helped to coordinate an attack that bombarded PayPal servers with more traffic than they were designed to handle.

Members of Anonymous gathered in internet relay channels to plan and carry out the attack against PayPal, which banned WikiLeaks a few weeks after publishing hundreds of thousands of classified US State Department memos. The indictment, which was filed last week in federal court in San José, California, was unsealed Tuesday, just hours after it was widely reported that FBI agents had raided the homes of suspected Anonymous members.

They were charged with counts of conspiracy and intentional damage to a protected computer, and were scheduled to appear Tuesday in various federal courthouses near where they were arrested.

Thirteen of the suspects were identified as: Christopher Wayne Cooper, 23, aka "Anthrophobic"; Joshua John Covelli, 26, aka "Absolem" and "Toxic"; Keith Wilson Downey, 26; Mercedes Renee Haefer, 20, aka "No" and "MMMM"; Donald Husband, 29, aka "Ananon"; Vincent Charles Kershaw, 27, aka "Trivette", "Triv", and "Reaper"; Ethan Miles, 33; James C. Murphy, 36; Drew Alan Phillips, 26, aka "Drew010"; Jeffrey Puglisi, 28, aka "Jeffer", "Jefferp", and "Ji"; Daniel Sullivan, 22; Tracy Ann Valenzuela, 42; and Christopher Quang Vo, 22.

The name of one suspect was withheld.

Federal prosecutors announced the arrests of two other people who were charged with computer offenses that may have been related to hacks credited to LulzSec, which many believe to be a splinter group of Anonymous.

Scott Matthew Arciszewski, a 21-year-old student at the University of Central Florida, illegally accessed a website operated by the FBI-affiliated Infragard, a criminal complaint filed last week in Tampa alleged. He then uploaded three files he named “aspydrv.asp;jpg” – and, yes, the indictment includes that semicolon in the filename – which “caused damage to the server by impairing the integrity of the server,” according to FBI Special Agent Adam R. Malone, who prepared the document.

Arciszewski allegedly referred to the intrusion on his Twitter account and included a link to instructions for others to compromise the site.

Arciszewski's alleged June 21 hack came two weeks after LulzSec took credit for breaching the security of Infragard systems, defacing its website, and leaking its email database in the process.

A 16th suspect was accused in a separate complaint filed in federal court in New Jersey of stealing confidential business information stored on AT&T servers and posting it to the internet. Lance Moore, 21, of Las Cruces, New Mexico, allegedly used his position as a customer support contractor for the telecom giant to obtain the data, and then, in April, to post it to Fileape.com, which promises never to store the IP addresses of its users.

In late June, LulzSec announced it had acquired the data and recirculated it as part of a massive bittorrent upload.

In all, FBI agents executed 35 search warrants on Tuesday throughout the US as part of an ongoing investigation into coordinated “cyber attacks” against major companies and organizations. In a press release, prosecutors said Tuesday's arrests coincided with the arrests of one person in the UK's Metropolitan Police Service and four individuals by the Dutch National Police Agency. Those detentions were related to unspecified “cyber crimes.”

To date, more than 75 searches have taken place in the US as part of the investigation. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.