Feeds

UK Cops 'duped' into arresting wrong LulzSec suspect

Will the real Topiary please stand up?

Securing Web Applications Made Simple and Scalable

The 19-year-old Scotsman fingered Wednesday as a central figure of the LulzSec hacking crew is a fall guy who was framed to take the heat off the real culprit, according to unconfirmed claims from a rival group.

“We believe MET Police got the wrong guy and it happens because of lot of disinformation floating on the web,” a Thursday post on the LulzSec Exposed blog said. “LulzSec and Anonymous members are Master trolls and they are good at this.”

According to the post, penned by members of a group calling itself the Web Ninjas, the real LulzSec figure known as Topiary is a 23-year-old Swede, who stole the handle from a low-level member after he ran afoul of its parent group Anonymous. The mistaken identity was part of an elaborate ruse to confuse authorities about Topiary's true identity, the speculation claims.

The post comes a day after the Metropolitan Police said a "pre-planned intelligence-led operation" led them to a residential address in the Shetland Islands, off the North Coast of Scotland. That's where they apprehended an unnamed 19-year-old man and transported him to London for questioning. Police said they also questioned a 17-year-old from Lincolnshire and searched his home.

Thursday's post is devoid of any smoking guns, as is the case with almost all claims made in the shadowy world of anonymous people claiming to be elite hackers. For proof it points to this page purporting to contain information, pictures and videos of the real Topiary. The individual portrayed is almost certainly not that of the Scotsman arrested Wednesday.

Additional evidence comes by way of a chat log published near the bottom of this page purporting to show the real Topiary agonizing over the possibility that police are closing in on him.

“If I go hide then people will assume the dox are right,” he says, referring to the information posted on LulzSec Exposed. “So I'll just act like they failed hard.”

Several lines later, referring to the individual he stole his nick from, Topiary says: “I'm hoping someone will go after him and think it's me, then I'll act all scared etc. ANYTHING to divert attention from that fuckign nameshub.”

Of course, the chat log could have been fabricated by just about anyone, including people who want to generate doubt in the minds of Metropolitan Police investigators. With anonymous figures pursuing multiple levels of subterfuge, separating truth from fiction has become a full-time occupation for those trying to unravel this saga. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.