Feeds

The one tiny slip that put LulzSec chief Sabu in the FBI's pocket

IRC relays 'infiltrated by the feds'

Top 5 reasons to deploy VMware with Tegile

How Monsegur's role became public

Police detained five men largely based on information supplied by Monsegur. Following these arrests the indictment against Monsegur was unsealed on Tuesday and his admission to a string of computer hacking, conspiracy and fraud charges – as well as his role as an informant – became public knowledge for the first time. According to the indictment, Monsegur's role was to look for vulnerabilities in websites that were then exploited either by himself or other alleged hackers in LulzSec or Anonymous.

In the unsealed indictment, Monsegur pleaded guilty to taking part in the hack attack against HB Gary, stealing information about X-Factor contestants after breaking into systems at Fox, as well as hacks against FBI-affiliated computer security association Infraguard. Hacks against PBS and Sony Pictures also appear on the charge sheet.

He has also pleaded guilty to using stolen credit card information to pay for car parts valued at $3,450. Monsegur also admitted profiting by selling on the login details of compromised bank accounts, a form of aggravated identity theft.

The FBI said that information supplied by Monsegur allowed it to charge four men with offences linked to LulzSec and another US man regarding the high-profile hack on Stratfor, the private-sector intelligence firm, as explained in a statement here.

Ryan Ackroyd (AKA Kayla), 23, of Doncaster, United Kingdom, Jake Davis (AKA Topiary), 29, of Lerwick, Shetland Islands, Darren Martyn (AKA pwnsauce), 25, of Galway, Ireland, and Donncha O’Cearrbhail (AKA palladium), 19, of Birr, Ireland, were charged with various offences connected to LulzSec. The quartet are accused of conspiring to hack Fox Broadcasting Company, Sony Pictures Entertainment, and the Public Broadcasting Service (PBS).

O’Cearrbhail was further charged in a separate case with intentionally disclosing an unlawfully intercepted wire communication - a conference call between law enforcement officers on both sides of the Atlantic discussing investigations against members of Anonymous that was leaked by the hacktivist collective last month.

It now seems likely that those taking part in the call were likely tipped off that an eavesdropper was on the line or at least that the leaked excerpt was screened by Monsegur and his FBI handlers.

A fifth suspect – Jeremy Hammond (AKA Anarchaos), 27, of Chicago, Illinois – was arrested on access device fraud and hacking charges, and is suspected of involvement in the December Anonymous hack on security intelligence outfit Stratfor.

LulzSec began as a splinter group separated off from anarchic online collective Anonymous prior to mounting scores of high-profile hacks over a seven-week period before disbanding in late June last year, shortly after Monsegur's initial arrest. Its targets included HB Gary Federal, defence contractors, police departments, FBI-affiliated security firms, the CIA, the US Senate, online gaming operations including EVE Online and corporations including Fox, News Corporation, Sony and many others.

Website defacement and the extraction and release of sensitive information siphoned away from insecure systems were among the activists group's typical tactics.

After disbanding the group returned to the Anonymous fold, most notably taking part in OpAntiSec operations designed to expose poor corporate security and show support for various political causes including the Occupy movement and the Arab Spring protests, among others.

Sabu signed off from his @AnonymousSabu account hours before news of Monsegur's arrest – and co-operation with the FBI – became public knowledge with a quote from Marxist revolutionary Rosa Luxemburg. The German message translates as: "The revolution says I am, I was, I will be." ®

Bootnotes

1It's unclear at the time of writing whether this compromised access was linked to the July 2011 arrest of a 19-year-old from Essex, who allegedly ran an IRC channel used by LulzSec.

2Sabu took his handle from a New York-born pro-wrestler who billed himself as a Saudi Arabian to incite jingoistic crowds. "Sabu the Elephant Boy" played the bad guy in bouts and had a reputation for shedding as much blood as he drew during his heyday in the '80s and '90s. Sabu also means father in Arabic but that seems to have been something of a coincidence.

3The close monitoring is at least partially explained by the case of Albert Gonzalez, a cybercrook who went on to mastermind the multi-million Heartland Systems and TJ Maxx credit card frauds at the same time as working as an US Secret Service informant. Gonzalez was jailed for 20 years in March 2010.

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.