LulzSec hackers take a dive on account of a stoolie
Share Now on:
Okay, forgive, if you will, the 1940s gangster movie talk, but it’s a bit hard to resist when talking about the recent bust of several members of the LulzSec hacking collective. LulzSec, an offshoot of the group known as Anonymous, claimed responsibility for several high-level attacks on computer networks and always incorporated a mix of pranksterism with its hacks. The group has claimed credit for attacks on Sony, the U.S. Senate and CIA and PBS, among others.
Hector Xavier Monsegur, who went by the online name Sabu, was apparently arrested last summer and cut a deal with federal authorities wherein he agreed to secretly cooperate and feed information about his compatriots to law enforcement in exchange for leniency. A series of busts that happened yesterday morning were allegedly a result of information provided by Monsegur, whom the FBI is referring to as the head of LulzSec. The heat had a man on the inside, see.
“They were able to discover his identity when he slipped up online early last year in 2011,” says Chester Wisniewski of the security firm Sophos. “Some other hackers had identified who he was and were threatening to post it online. They were very concerned that he might bolt or start destroying evidence. So, they paid him a visit on June 7, 2011 to see if they could get him to cooperate in an investigation for fairer treatment to him or they were going to carry him off to prison.”
And he apparently went along with it. “He allegedly has provided information to continue to stay leading the group and secretly trading messages between the FBI and the continuing active members of Anonymous and LulzSec,” Wisniewski says.
But can a hacking group really have a leader? Isn’t the whole point that there are disparate elements strewn around the world but brought together by the Internet? “The sort of story that hacker organizations don’t have a leadership structure is a modern myth that spun out of how Anonymous operates,” says Molly Sauter of the MIT Media Lab.” LulzSec operated a little like some of the more old school hacker organizations where people had specific roles. There was a defined leadership structure and they operated more as a coherent unit than as a sort of amorphous flock-like creature that Anonymous operates like.”
Sauter says the idea that there was a snitch within the group could make this bust incredibly disruptive to hacking groups all over. “You can see this in any other protest movement,” she says, “The environmental movement has been rocked in the past by revelations that members of the movement were operating as government informants and it really does affect the level of trust in the community, and it can cause infighting. It does actually rock everything even if it doesn’t in and of itself have a direct effect on current operations.”
Which isn’t to say that these busts will bring an end to hacking itself. Arrests like this tend to make people think, oh, ok, the FBI’s rolled them up, everything’s safe,” according to security analyst Nick Selby. “And I would say that it really isn’t. I think the lessons we can learn from this are that we have to better secure our systems, we have to better secure our information, and have a better understanding of what risks we take when we put information online.”
Also on this program, a new way to get motivated to go for your run: have zombies chase you! Well, not REAL zombies, thank goodness, but the fake ones that live inside a new app called Run, Zombies! Presumably these aren’t the old-fashioned staggeringly slow zombies from old movies but a new kind of fleet and speedy zombie.