FBI Says LulzSec Hacker Kingpin Was an Informant

This article is from the archive of our partner .

(Updated 11:30 a.m.) The Federal Bureau of Investigation says that they've identified and arrested all of the key members of the now defunct hacktivist group LulzSec thanks to the clandestine cooperation of the group's chief who told many of Anonymous's secrets. According to Fox News' sources, the hacker that goes by the handle Sabu -- a.k.a. Hector Xavier Monsegur, an unemployed father of two living in New York City -- has been feeding the Feds information since they unmasked him last summer. But those familiar with the hacker ways will know that doxing (that's hackerspeak for exposing one's true identity) can be a very complex game, and this is hardly the first time that someone's claimed to identify Sabu or other LulzSec leaders.

The timeline that Fox News lays out makes sense for a few reasons. Monsegur's name, address, and personal information appeared online last June, and he was identified then as Sabu. However, that became one of many real identities that have become linked to the Sabu handle. In July, a fellow hacker said that Sabu was an IT professional from Portugal named Hugo Carvahlo, but that turned out to be false, like many other attempts to reveal him. The Feds don't fool around, though. And they're certainly proud of their bounty. "This is devastating to the organization,” an FBI official involved with the investigation told Fox News. “We’re chopping off the head of LulzSec.”

Recommended Reading

From the way Fox News tells the story, the downfall of LulzSec is complete. Citing "numerous senior-level officials," Fox News' Jana Winter named five hackers as those senior members whom Sabu ratted out:

  • Ryan Ackroyd, aka 'Kayla' (U.K.)
  • Jake Davis, aka 'Topiary' (U.K.) 
  • Darren Martyn, aka 'pwnsauce' (Ireland)
  • Donncha O’Cearrbhail, aka 'palladium,' (Ireland)
  • Jeremy Hammond aka 'Anarchaos' (Chicago)

Nevertheless, we remain somewhat skeptical about what's actually happening with the FBI's continued struggle to break into the hacker community. It's possible that they did grab the wrong Sabu or that Sabu is actually the identify of several Anonymous affiliates. We won't know until we see the court documents and the information about Sabu is finally revealed. 

Update: The FBI complaint on Monsegnur hit the web later on Tuesday morning and offers a fascinating look inside the work of Anonymous and LulzSec. In total the document signed by U.S. Attorney Preet Bharara, the same guy who brings down big banks, lists seven counts that range from fraud to computer hacking to identity theft. There's even a Julian Assange cameo:

Under the charge of "conspiracy to engage in computer hacking," the paperwork reveals that Monsegnur -- a.k.a. Sabu, Xavier DeLeon, Leon -- worked as a "rooter" which means that he "identified vulnerabilities in the computer systems of potential victims" and "either passed on the information to other hackers, who sought to exploit them, or … exploited the vulnerabilities himself." The document goes on to detail Monsegnur's involvement in the major Anonymous operations like the takedown of PayPal's network Operation Payback, Operation Tunisia, Operation Algeria, Operation Yemen and Operation Zimbabwe. And that's just from the Anonymous section.

Monsegnur faces two other, separate charges of conspiracy for his activities with LulzSec and Internet Feds, the group responsible for last year's HB Gary hack. In addition to those listed above, the details under the LulzSec charges includes references to the hackers Tflow and AVUnit. That list of victims is longer and includes Sony, PBS, Nintendo, The Atlanta, Unveillance, the U.S. Senate and Bethesda Softworks. Other charges include computer hacking in furtherance of fraud, conspiracy to commit device access fraud, conspiracy to commit bank fraud and aggravated identity theft. The U.S. Attorney makes it very clear that Monsegnur's property will be seized and a number of fines will likely be imposed. We'll have to wait and see about the likelihood of jail time. In his second to last tweet before news broke of his being charged, Monsegnur tweeted as Sabu from his BlackBerry, "The federal government is run by a bunch of fucking cowards. Don't give in to these people. Fight back. Stay strong."

This article is from the archive of our partner The Wire.