It has been revealed that Hector Xavier Monsegur, a.k.a. “Sabu,” had been arrested on June 7 of last year and pled guilty on August 15. Since his arrest, he has been working with the FBI to help them track down other hackers. It is now apparent that the personal details released last year were, in fact, accurate.
A bit of history is necessary to discuss the issues at hand with a degree of accuracy. LulzSec is an offshoot of Anonymous that formed around May of 2011. The group’s formation coincided with the vast amounts of media and press coverage surrounding various hacktivist activities by Anonymous.
In the months prior, CEO of HBGary Federal Aaron Barr claimed that he used social media and social engineering to obtain the personal details of a few Admins of the AnonOps IRC chatroom, namely “Q,” “Owen,” and “CommanderX.” Like LulzSec, AnonOps is a sub-group of the Anonymous collective, specializing in the hacking and compromising of web sites and networks.
Although the details are unclear, all research done after the fact points to Aaron Barr being far from the mark. Despite this, members of the group decided to retaliate by hacking the web sites of HBGary and HBGary Federal and attacking Aaron Barr himself. Key members of LulzSec, Sabu and topiary, were present during many of the conversations over IRC regarding the matter. This is important because they likely had a hand in operations done at the time and were in fact charged with such.
LulzSec began most of their operations in May of 2011. They targeted Fox News, PBS, and later Sony Pictures in response to Sony’s legal action against George Hotz for jailbreaking the PS3. Following this, they began hacking various video game industry, cyber-security industry, tech industry, and government agency targets. Most of their attacks took place in June; notably, Sabu was arrested on June 7, before the majority of their hackings. The unsealed court documents reveal that, from this point on, Sabu was working for the FBI. The FBI was given advance notice of attacks, allowed them to happen, and went so far as to even aide them by providing servers. This became relevant during the e-mail hackings of global intelligence company Strategic Forecasting when Sabu offered the hackers involved with this operation a server to store the data retrieved. Unbeknownst to them, this server was owned by the FBI, thereby allowing the FBI access to WikiLeaks data prior to publishing.
Also of note is that Jake Davis, a.k.a. “topiary,” was arrested on July 27, the same day that the LulzSec Twitter went dark. His arrest has been confirmed by an FBI press release and Scotland Yard. The FBI press release also confirmed the arrests of Ryan Ackroyd (“Kayla”), Darren Martyn (“pwnsauce”), Donncha O’Cearrbhail (“palladium”), and Jeremy Hammond (“Anarchaos”). The first four had been previously arrested and charged, but the last was arrested just yesterday.
Ackroyd, Davis, and Marytn have been charged with two counts of computer hacking conspiracy for a ten-year sentence each, and Davis also faces separate charges in the United Kingdom. O’Cearrbhail has been charged with only one count, carrying a ten-year sentence; while Hammond has been charged with one count of computer hacking conspiracy, one count of computer hacking, and one count of conspiracy to commit access device fraud for a total of thirty years.
While the others have not yet pled, Sabu pled guilty to his charges on August 15, 2011, and faces a maximum sentence of over 124 years. He had been charged with three counts of computer hacking conspiracy, five counts of computer hacking, one count of computer hacking in furtherance of fraud, one count of conspiracy to commit access device fraud, one count of conspiracy to commit bank fraud, and one count of aggravated identity theft. According to a Fox News exclusive, Sabu pled guilty and agreed to cooperate because of his two children.
Analysis: I think that one of the most important things to take into consideration is that, at the end of the day, Anonymous and all of its sub-groups are a fluid collective. Although some within the collective rise and fall, there is no stopping the collective as a whole. In the media, Anonymous is mostly viewed in a negative light as a group of hackers. In reality, Anonymous is everyone: it’s simply a term for those who view themselves as part of the Internet phenomena that enjoys its anonymity and supports Internet privacy and various other agendas. Although some of the collective choose to act as hacktivists, others do not. Anonymous as a collective has no real goals and thus exists in a truly neutral gray area.
That said, the whole ordeal with LulzSec proves that emerging from the collective and claiming personal credit for things like the hackings of last year only serve to make one a target for various government agencies. Truly, the strength of Anonymous lies in their numbers and anonymity. But the death of LulzSec does not mean the death of Anonymous, and the same will hold true to any similar sub-groups in the future.
Now that it’s clear that Sabu had been working for the FBI the majority of the time, one must wonder how much misdirection had been given through his persona on IRC and Twitter. As recently as two days ago, he had been blaming the company Cloudflare for the arrest of tflow, but how much of this is credible is unclear because his Twitter feed had been a mouthpiece for the FBI for nine months. Additionally, I find it laughable that his cooperation with the FBI was due to his children. While I understand the responsibility he has to them, his actions will likely serve to make them a target in the future. Anonymous may reside in a gray area, but they delve deeply into some dark matters when it comes to Internet harassment. Death threats and the like are not uncommon when they’re irked beyond a certain point. Failing this, his children will likely by the subject of ridicule even offline.
Ultimately, Sabu’s cooperation with the FBI is what proved to be the downfall of a number of prominent hackers in Anonymous. Whether this was a good thing or not is another matter entirely, but regardless of one’s viewpoint, this has large implications on the tech industry across the web and gamers by extension.