For at least the past eight months, the notorious, elusive hacker known as “Sabu,” the de facto leader of the LulzSec prankster cell, has been working for the FBI, helping law enforcement around the world gather evidence to arrest his former associates.
Last August, Hector Xavier Monsegur, 28, an unemployed father of two and legal guardian of underage siblings living in a housing project in New York City, pleaded guilty to 12 charges, including aggravated identity theft. Some of his crimes were related to his part in attacks against Visa, MasterCard and PayPal after those companies stopped processing donations to WikiLeaks.
Facing a two-year prison sentence and the threat of losing his children, Monsegur, who may have been the most influential member of the small LulzSec hacking group, flipped and began working for the FBI. He gave agents with a crucial inside source to help arrest still-active members of LulzSec and the larger Anonymous movement.
Monsegur’s indictment, which was unsealed in federal court today (March 6), can be viewed here. It links him to attacks on numerous governmental and corporate websites, says he stole, used and sold other people’s credit-card numbers and even hacked into an online auto-parts retailer to have engine components shipped to himself.
Last night and early this morning, raids in Chicago, London and Ireland netted five more alleged hackers, three of them affiliated with LulzSec.
One of them, 29-year-old Jake Davis aka “Topiary,” was previously arrested last summer at his home in the Shetland Islands of far northern Scotland. (His age was then given as 19.) The Justice Department’s press release says Davis, Monsegur, Ryan Ackroyd, 23, of Doncaster, South Yorkshire, England, aka “Kayla,” and Darren Martyn, 25, of Galway, Ireland, aka “pwnsauce,” were the core members of LulzSec.
Two others were charged in unrelated incidents. Jeremy Hammond, 27, of Chicago, aka “Anarchaos,” was allegedly a member of AntiSec, a different Anonymous spinoff group, and the main perpetrator behind the December hack into the email servers of Texas consulting group Strategic Forecasting, Inc. (StratFor).
Donncha O’Cearrbhail, 19, of Birr, in central Ireland, aka “Palladium,” was allegedly responsible for Anonymous’ eavedropping on a Jan. 17 conference call between Scotland Yard and the FBI regarding Anonymous. He allegedly had found the access information for the conference call in the personal email account of an Irish police officer. The recording of the conference call was posted on YouTube on Feb. 3.
Monsegur’s own indictment also details the numerous exploits of LulzSec, the group that fascinated the media and stymied authorities for 50 days last summer, harrassing everyone from the CIA and the U.S. Senate to the government of Brazil, the Arizona Department of Public Safety, Fox.com, PBS and Sony Pictures.
To help ensnare his former criminal colleagues, Monsegur disseminated false information in online interviews and from his popular AnonymousSabu Twitter account. Working out of FBI offices, and then at home on a continuously monitored FBI laptop, Monsegur also protected several government websites from hacks and at times urged his former minions to back off from attacking certain targets.
An FBI spokesperson told Fox News that with Monsegur’s help, the FBI notified 300 government, financial and corporate entities around the world to vulnerabilities in their networks, allowing the organizations to protect themselves.
The impact of Sabu’s unveiling has already been felt in the hacktivist world. Barrett Brown, an unofficial Anonymous spokesman, wrote on Twitter this morning that the FBI has raided his apartment. He ended his tweet with, “Sabu is a traitor.”