Feeds

The one tiny slip that put LulzSec chief Sabu in the FBI's pocket

IRC relays 'infiltrated by the feds'

The Power of One eBook: Top reasons to choose HP BladeSystem

How Monsegur's role became public

Police detained five men largely based on information supplied by Monsegur. Following these arrests the indictment against Monsegur was unsealed on Tuesday and his admission to a string of computer hacking, conspiracy and fraud charges – as well as his role as an informant – became public knowledge for the first time. According to the indictment, Monsegur's role was to look for vulnerabilities in websites that were then exploited either by himself or other alleged hackers in LulzSec or Anonymous.

In the unsealed indictment, Monsegur pleaded guilty to taking part in the hack attack against HB Gary, stealing information about X-Factor contestants after breaking into systems at Fox, as well as hacks against FBI-affiliated computer security association Infraguard. Hacks against PBS and Sony Pictures also appear on the charge sheet.

He has also pleaded guilty to using stolen credit card information to pay for car parts valued at $3,450. Monsegur also admitted profiting by selling on the login details of compromised bank accounts, a form of aggravated identity theft.

The FBI said that information supplied by Monsegur allowed it to charge four men with offences linked to LulzSec and another US man regarding the high-profile hack on Stratfor, the private-sector intelligence firm, as explained in a statement here.

Ryan Ackroyd (AKA Kayla), 23, of Doncaster, United Kingdom, Jake Davis (AKA Topiary), 29, of Lerwick, Shetland Islands, Darren Martyn (AKA pwnsauce), 25, of Galway, Ireland, and Donncha O’Cearrbhail (AKA palladium), 19, of Birr, Ireland, were charged with various offences connected to LulzSec. The quartet are accused of conspiring to hack Fox Broadcasting Company, Sony Pictures Entertainment, and the Public Broadcasting Service (PBS).

O’Cearrbhail was further charged in a separate case with intentionally disclosing an unlawfully intercepted wire communication - a conference call between law enforcement officers on both sides of the Atlantic discussing investigations against members of Anonymous that was leaked by the hacktivist collective last month.

It now seems likely that those taking part in the call were likely tipped off that an eavesdropper was on the line or at least that the leaked excerpt was screened by Monsegur and his FBI handlers.

A fifth suspect – Jeremy Hammond (AKA Anarchaos), 27, of Chicago, Illinois – was arrested on access device fraud and hacking charges, and is suspected of involvement in the December Anonymous hack on security intelligence outfit Stratfor.

LulzSec began as a splinter group separated off from anarchic online collective Anonymous prior to mounting scores of high-profile hacks over a seven-week period before disbanding in late June last year, shortly after Monsegur's initial arrest. Its targets included HB Gary Federal, defence contractors, police departments, FBI-affiliated security firms, the CIA, the US Senate, online gaming operations including EVE Online and corporations including Fox, News Corporation, Sony and many others.

Website defacement and the extraction and release of sensitive information siphoned away from insecure systems were among the activists group's typical tactics.

After disbanding the group returned to the Anonymous fold, most notably taking part in OpAntiSec operations designed to expose poor corporate security and show support for various political causes including the Occupy movement and the Arab Spring protests, among others.

Sabu signed off from his @AnonymousSabu account hours before news of Monsegur's arrest – and co-operation with the FBI – became public knowledge with a quote from Marxist revolutionary Rosa Luxemburg. The German message translates as: "The revolution says I am, I was, I will be." ®

Bootnotes

1It's unclear at the time of writing whether this compromised access was linked to the July 2011 arrest of a 19-year-old from Essex, who allegedly ran an IRC channel used by LulzSec.

2Sabu took his handle from a New York-born pro-wrestler who billed himself as a Saudi Arabian to incite jingoistic crowds. "Sabu the Elephant Boy" played the bad guy in bouts and had a reputation for shedding as much blood as he drew during his heyday in the '80s and '90s. Sabu also means father in Arabic but that seems to have been something of a coincidence.

3The close monitoring is at least partially explained by the case of Albert Gonzalez, a cybercrook who went on to mastermind the multi-million Heartland Systems and TJ Maxx credit card frauds at the same time as working as an US Secret Service informant. Gonzalez was jailed for 20 years in March 2010.

The Power of One eBook: Top reasons to choose HP BladeSystem

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.