Lulz Sec Tango Down
In the Spring of 2011, the digital world seemed to be under attack from a group who called themselves “LulzSec.” I wrote about this group’s activities several times and was not pleased about the targets they chose. On more than one occasion this group targeted law enforcement agencies and released personal information about the agents and employees of these agencies, potentially putting them at risk of physical harm. At the time, it seemed like this morally challenged, yet technically literate, group of individuals simply could not be stopped.
As with many things in life, truth is much stranger than fiction. This story is an example of just that. In June of 2011, the FBI arrested a guy named Hector Xavier Monsegur a/k/a “Sabu.” He is alleged to be the so called leader of this group, LulzSec. I recently re-read some Internet chat logs involving LulzSec and it does seem that Sabu gave directions and others sought out his approval, thus it is highly likely that he is their leader. He did not have complete control over the group, however. Certainly hacks occurred that Sabu didn't either know about or participate in (Stratfor perhaps) After the arrest of Sabu, law enforcement did what they do best, they flipped Sabu. Based on the fact that Sabu, now “Hector”, is unemployed, lives in public housing in NYC and has two small children, getting him to cooperate was probably a foregone conclusion.
“Hey Hector, would you like to see your children without a thick piece of glass in between you and them? Because if you go to jail and get held on bail, that’s exactly what’s going to happen to you. Oh, and by the way, you'll probably lose your public housing status due to criminal charges... But, hey, we’re the FBI and we can make arrangements that you will be able to stay on the street and in your house with your kids, you just have to do us a couple of favors…”
And perform favors, it appears, is exactly what Hector did. From June 2011 until just last week, Hector was pretending to be the leader of LulzSec, yet working for the FBI the whole time. In August of 2011, Hector (as Sabu) had an online chat with someone going by “Virus.” This “virus” character flat out said that Sabu was working for the Government, and, well, he was right! Maybe “virus” is an agent, maybe a cooperator, or maybe just a very astute individual. See this exchange from August 11, 2011:
Virus (10:35:01 PM): you offered me pay for "Jennifer"'s Comcast data like a month or two back
Virus (10:35:12 PM): all I'm saying is, FBI informants do that
Sabu (10:47:56 PM): nice
Virus (10:48:31 PM): anyway, I'm ending this convo, quiet frankly, I don't care if you're working with the feds to clean up the mess you created and getting your so called "friends" arrested
Sabu (11:02:50 PM): go call the fbi and say you got sabu logs
Sabu (11:02:58 PM): that'll get you SOMETHING
Virus (11:02:59 PM): I'm absolutely positive, you already got raided, and are setting your friends up and when they're done draining you for information and arrests they'll sentence you and it'll make nose (sic)
During this exchange, Hector (Sabu) was probably sitting next to his FBI handler. Working with cooperators can be an ethical challenge. You have to allow the cooperator to continue in his devious ways without allowing them to cause any real damage. (at least in the wake of Whitey Bulger they should be thinking this way) Remember when “Anonymous” claimed to have intercepted a call between the FBI and the UK Met Police? The FBI would (should?) have known about this and maybe even watched them do it… risky, maybe. But if you listen to the call with the knowledge we have today, you have to wonder if they all knew they were being listened to, because they said a whole lot of nothing… And the key names were “bleeped” out of the released recording. So other than a possibly embarrassing moment, no real harm done.
During Hector’s time as an informant, he was able to deliver: “Kayla” (UK), “Topiary” (UK), “pwnsauce” (Ireland), “palladium” (Ireland) and “Anarchaos” (Chicago, US), to the FBI. After these individuals were arrested, the FBI issued the quote of the week:
We are chopping off the head of LulzSec...
So here we are one year after the “LulzSec” incidents, is it over? Can corporations around the world express a sigh of relief? Let’s not get ahead of ourselves…
LulzSec’s activity was annoying, embarrassing and yes, a crime. But they are not the most dangerous nor destructive group on this block. No sir. This was essentially a bunch of fairly bright, computer literate, kids. With their leader being all of 28 years old, their maturity level was apparent in their behavior. They were more like Internet graffiti artists than hard core hackers. But they did cause damage and now must pay.
I am glad to see that the FBI was able to break this group and wrap them up in a relatively short period of time. Hopefully, what happens next will send a message to the next “Lulz” group, that it’s just not worth it. This group wanted to have a cause, but if they did it was lost in translation because they became the definition of annoying.
Can any good come from this? In all likelihood, the LulzSec investigation with its international reach, was probably an excellent training op for law enforcement. That experience will be extremely valuable when the next Lulz rears its head – careful fellas, the FBI likes to chop off heads.
I am sure that we will continue to see Guy Fawkes masks and the headless logo of “Anonymous" for years to come. What will the FBI say if they take down Anonymous?