Feeds

LulzSec SMACKDOWN: Leader Sabu turned by feds last summer

Suspects cuffed in Blighty, Ireland, US

The Essential Guide to IT Transformation

Suspects purported to be members of LulzSec have been rounded up on two continents. The international law enforcement operation was apparently aided by the infamous hacktivist group's alleged erstwhile leader, "Sabu", who secretly pled guilty to a battery of charges last August.

Police arrested three men and charged a further two with conspiracy largely based on a case filed in New York federal court against Hector Xavier Monsegur, the man alleged to be LulzSec's former leader, who operated under the hacker handle Sabu. The US Attorney's Office named the following additional suspects in a statement supplied to the Register:

RYAN ACKROYD, a/k/a “kayla,” a/k/a “lol,” a/k/a “lolspoon,” [23, of Doncaster, United Kingdom] JAKE DAVIS, a/k/a “topiary,” a/k/a “atopiary,” [29, of Lerwick, Shetland Islands] DARREN MARTYN, a/k/a “pwnsauce,” a/k/a “raepsauce,” a/k/a “networkkitten,” [25, of Galway, Ireland] and DONNCHA O’CEARRBHAIL, a/k/a “palladium,” [19, of Birr, Ireland] who identified themselves as members of Anonymous, Internet Feds, and/or LulzSec, were charged in an Indictment unsealed today in Manhattan federal court with computer hacking conspiracy involving the hacks of Fox Broadcasting Company, Sony Pictures Entertainment, and the Public Broadcasting Service (“PBS”). O’CEARRBHAIL is also charged in a separate criminal Complaint with intentionally disclosing an unlawfully intercepted wire communication.

"This is devastating to the organisation," an unnamed FBI official involved with the investigation told FoxNews. "We’re chopping off the head of LulzSec."

Monsegur, 28, resident in New York City, was arrested by the FBI in June and has apparently acted as an informant against his crew since.

A copy of the indictment against Monsegur is available here (PDF). He's charged with computer hacking, fraud and conspiracy charges stemming from attacks run by both Anonymous and LulzSec against numerous targets. According to the indictment, Monsegur's role in the alleged hacks was to look for vulnerabilities in websites that were then allegedly exploited either by him or other hackers.

Monsegur pled guilty on August 15, 2011 to three counts of computer hacking conspiracy, five counts of computer hacking, one count of computer hacking in furtherance of fraud, one count of conspiracy to commit access device fraud, one count of conspiracy to commit bank fraud, and one count of aggravated identity theft. He faces a maximum sentence of 124 years and six months in prison, according to the US Attorney.

A fifth suspect, Jeremy Hammond (alleged to be Anarchaos), of Chicago has been arrested under a separate indictment.

Hammond, who has been arrested on access device fraud and hacking charges, is suspected of involvement in the December Anonymous hack on security intelligence outfit Stratfor.

Davis from Shetland, Scotland was arrested by British police last July and already faces computer hacking offences. The arrest followed weeks after the arrest of Ryan Cleary, a 19-year-old from Essex, who allegedly ran an IRC channel used by LulzSec. UK police also arrested a 16-year-old alleged hacker last July, who can't be named for legal reasons.

Garda Síochána (Irish police) told the Register they had arrested one adult man in his late teens on Tuesday morning and he's been taken taken to a Dublin police station for questioning. The suspect was arrested under Section 4 of the Criminal Justice Act, a section of the Irish penal code that covers serious offences such as fraud.

According to the US Attorney:

O’CEARRBHAIL hacked into the personal email account of an officer with Ireland’s national police service, the An Garda Siochana (the “Garda”). Because the Garda officer had forwarded work emails to a personal account, O’CEARRBHAIL learned information about how to access a conference call that the Garda, the FBI, and other law enforcement agencies were planning to hold on January 17, 2012, regarding international investigations of Anonymous and other hacking groups. O’CEARRBHAIL then accessed and secretly recorded the January 17 international law enforcement conference call, and then disseminated the illegally-obtained recording to others.

LulzSec began as a splinter group of Anonymous prior to mounting scores of high-profile hacks over as a seven-week period before disbanding in late June last year. Its targets included HB Gary Federal; defence contractors; police departments; FBI-affiliated security firms; the CIA, the US Senate; online gaming operations, including EVE Online; and corporations including Fox, News Corporation, Sony and many others. Tactics included website defacement and hacking followed by the public release of information housed on insecure systems – including email spools in the case of HB Gary Federal – and occasionally denial of service attacks.

After disbanding, the group returned to the Anonymous fold, most notably taking part in OpAntiSec exercises designed to expose the shortcomings of white-hat security firms as well as operations in support of the Occupy movement, in support of the Arab Spring protests in the Middle East, and in support of WikiLeaks.

The US Attorney's statement can now be read in pdf here. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.