Paranoia: LulzSec leader Sabu was working for us, says FBI

[Jan Klimkowski]

Hackers arrested and turned.

The infiltration of agent provocateurs.

Designed both to undermine and delegitimize protest and to create paranoia.

To make people of integrity doubt the honour of their fellow protestors.

LulzSec leader Sabu was working for us, says FBI

Hacking group leader, identified as Hector Xavier Monsegur, revealed as FBI mole as five other alleged LulzSec members arrested
Charles Arthur
guardian.co.uk, Tuesday 6 March 2012 16.19 GMT


The FBI has struck a major blow against hacking groups after arresting or charging five key members of the LulzSec hacking crew and revealing that the head of the group, who went by the nickname "Sabu", has been working for it since the middle of 2011.

Hector Xavier Monsegur, known as Sabu, was charged with 12 criminal counts of conspiracy to engage in computer hacking and other crimes in court papers in Manhattan federal court.

Monsegur, an unemployed 28-year-old Puerto Rican living in New York, pleaded guilty to carrying out online attacks against PayPal and Mastercard, documents unsealed in a Manhattan court on Tuesday shows.

The charges were filed via a "criminal information" form, which means the suspect, Sabu, has likely been cooperating with the government.

Five other people two in the UK, two in Ireland and one in Chicago were either arrested or charged by the FBI on Tuesday.

LulzSec, a hacking crew of up to 10 people, and the hacking collective Anonymous have taken credit for carrying out a number of high-profile hacking actions against companies and institutions including the CIA, Britain's Serious Organized Crime Agency, Japan's Sony Corp and Mexican government websites.

But the explosive revelation that LulzSec's leader was cooperating with the FBI, even while he was claiming to hate the government, could lead to the arrest of other hackers within the broader Anonymous group.

It will also heighten distrust among the more powerful members of the collective where paranoia about security always runs high anyway.

An FBI official was quoted by Fox News, which broke the story, as saying: "This is devastating to the organisation … we're chopping off the head of LulzSec."

LulzSec span out of Anonymous, the loose hacking collective, around the beginning of 2011, and engaged on a series of hacks into large and small organisations

But tensions within the group became evident from leaked chat logs published in June last year which showed Sabu, as the head of the group, struggling to maintain order as some members of the group worried that they had gone too far in attacking an FBI-affiliated site.

At that time, Sabu was still on the hackers' side but according to Fox News, the FBI tracked him down, possibly with the help of information gathered by rival hackers such as The Jester, thought to be an ex-US military member who took against LulzSec and its objectives early on. He was one of a number of hackers who connected Sabu with Monsegur last year.

A key clue that Sabu might have been captured came last summer, when his Twitter feed usually active almost around the clock suddenly went quiet for roughly two months.

[Magda Hassan]

http://www.scribd.com/doc/84141558/Sabu-Court-Dox

[Magda Hassan]

The FBI and others such are involved n a game of cat hearding. You can't jail an idea. And there is nothing more dangerous than an idea whose time has come. The genie is out and its not going back in the bottle.

[Magda Hassan]

All the latest on the unmasking of LulzSec leader "Sabu," arrests (updated)

By Jon Brodkin | Published about 10 hours ago
LulzSec mastermind "Sabu" was identified today as 28-year-old Hector Monsegur, who has been working with the FBI since being arrested last summer and pleaded guilty to computer hacking crimes. We're digging into court documents and planning detailed coverage of the story, but no one site can cover every aspect. So we're going to keep an updated list of the top stories and happenings throughout the day. (We'll put new links at the top.)
CSO describes an FBI official's claim that "We're chopping off the head of LulzSec," but says LulzSec is pretty small compared to the overall Anonymous movement. There's no reason to believe "that the hacktivist element of Anonymous will fall apart because of this," one security company executive notes.
The Guardian has posted the full text of some of the documents from the indictments against LulzSec members. The paper also has an analysis of the court papers, detailing Monsegur's cooperation with the FBI. The story notes Monsegur providing the FBI advance notice of attacks, which the FBI apparently allowed to proceed. "The FBI even provided its own servers for members of hacking collectives to use."
WikiLeaks tweeted a link to LulzSec chat logs from last August, saying the text shows "FBI informant Sabu tried to entrap anonymous hackers with $ for info."
Gawker has posted a story saying Monsegur was arrested on Feb. 3 in New York City by NYPD for attempting to pass himself off as an FBI agent.
Self-appointed Anonymous spokesman Barrett Brown told the New York Times that he received advance warning of the FBI raid on his home in Dallas, and that he hid his laptops to avoid them being found. Brown promised that "Anonymous will go forward as usual. So will I. We hired an army of lawyers last January. We are prepared for a big slug-out." (The quote seems to have been deleted from the Times story, although a portion of the quote exists in another Times article and the full quote appears in some other accounts.)
Fox News kicked it off this morning with an exclusive look into the FBI raid on Monsegur's New York apartment last June. Monsegur had normally been cautious, but slipped up one day when he "logged into an Internet relay chatroom from his own IP address without masking it." Fox News notes that "All it took was once. The feds had a fix on him."
Monsegur pleaded guilty on August 15 to conspiracy to engage in computer hacking, a plea only made public today.
Monsegur and five other members of Anonymous, LulzSec, and other groups were charged with various crimes including last year's famous attack against security firm HBGary Federal, and one against private intelligence firm Strategic Forecasting (or Stratfor), Bloomberg reports. In addition to Monsegur, Ryan Ackroyd, Jake Davis, Darren Martyn, Donncha O'Cearrbhail, and Jeremy Hammond were the names of the other alleged hackers. Other crimes pinned against some or all of the six defendants include attacks on Fox Broadcasting, the Chicago Tribune parent Tribune Co., and the government websites of Algeria, Yemen, and Zimbabwe.
The FBI press release has many details about the arrests and specific charges, saying the victims of the six hackers numbered over 1 million.
Barrett Brown said the arrested hackers formed the de facto leadership of Anonymous, and called Monsegur "an absolute traitor," the same Bloomberg story also notes.
FBI officials raided a Chicago home yesterday in connection with an investigation into the LulzSec and Anonymous hacking groups, the Chicago Tribune reports, citing an unnamed law enforcement source. The story does not say whose home was raided, but Bloomberg noted that Hammond was arrested in Chicago for crimes related to the Stratfor hack.
Consulting firm Errata Security has posted its own notes on the Sabu arrest, calling it "a good lesson for Tor users. Tor, itself, is not enough to keep your identity hidden." Monsegur was a Tor user, although he was caught after logging on to IRC without going through Tor.
The Anonymous Twitter account AnonOps sent out a terse message stating "@anonymouSabu is now controlled by feds. We have blocked the account and we suggest you do as well. #BlockAnonymouSabu."
Another Anonymous Twitter account promised to fight on in its own decentralized way, saying "We don't have a leader." A site called "Death and Taxes" downplayed the arrests' impact on Anonymous, noting that the belief that "Sabu" was a rat has been circulating in the hacking community for months. "Anonymous has grown beyond LulzSec and Sabu," the article states.
Before the indictment unsealing yesterday, the Twitter account allegedly run by "Sabu" tweeted "The federal government is run by a bunch of fucking cowards. Don't give in to these people. Fight back. Stay strong."
The Wikipedia page on Sabu has been updated to reflect Monsegur's arrest, and we'd imagine it will undergo quite an overhaul in the next few days.

http://arstechnica.com/tech-policy/news/...rrests.ars

[Magda Hassan]

http://www.scribd.com/doc/84141558/Sabu-Court-Dox

Paragraph 10 is very illuminating.....

[Peter Lemkin]

AMY GOODMAN: We turn now to the government crackdown on a loose, large network of politically inspired "hacktivists." On Tuesday, four men in Britain and Ireland were charged with computer crimes; a fifth man was arrested Monday in Chicago. They were part of a group called "LulzSec," affiliated with Anonymous, which has taken credit for a number of cyber-raids against entities such as Rupert Murdoch's News Corporation, the intelligence consultancy Stratfor, and the Irish political party Fine Gael. The group has also waged cyber-attacks against Fox News, the PBS website, Sony Pictures, and the U.S. Senate. Additionally, LulzSec was involved in shutting credit card company websites after they refused to accept donations to WikiLeaks.
Well, in a shocking revelation, the hacktivists may have been turned in by none other than the group's own leader, LulzSec's chief hacker, 28-year-old now identified as Hector Xavier Monsegur, better known by his alias Sabu. Apparently, Monsegur was caught last summer and, according to the FBI, has been working as an informant ever since. He allegedly directed fellow hackers from his public housing project in New York while turning around and feeding the feds enough incriminating evidence to build a case against his cyber-comrades. Just last week, Interpol announced the arrests of 25 people suspected of being Anonymous members in Europe. Monsegur reacted to that news on Twitter by urging sympathizers to attack Interpol's website.
According to The Guardian in Britain, Monsegur may have also provided an FBI-owned computer to facilitate the release of five million emails taken from the private intelligence firm Stratfor and which are now being published by WikiLeaks. This suggests the FBI has insight into the internal discussions between Julian Assange of WikiLeaks and the hacking group Anonymous. Although no motives have been confirmed, some believe this is part of a larger strategy to build a case against Julian Assange. An internal email from Stratfor recently revealed that the Justice Department has already obtained a sealed indictment against Assange.
For more, we're joined by two guests. We'll start with our guest in Boston, Massachusetts, Gregg Housh. He's a former Anonymous activist who remains in touch with members.
Welcome, Greg. Talk about this latest revelation. Who is Sabu? What's your relationship with him? And what does this all mean?
GREGG HOUSH: Well, Sabu was with Anonymous before he was with LulzSec. They sort of split off after the HBGary hack. And I guess you could call him sort of a de facto leader of Lulz Security. The real first thing that came out of yesterday on, you know, all the IRC chats and everything else was, "Well, the news is coming from Fox News, and supposedly the FBI. It's probably not credible." But when a lot of other news sources started reporting it, everyone started believing. And then it kind of went into hectic repair mode. "Who knows him? Who talked to him?" All that fun stuff.
AMY GOODMAN: Were you surprised? Were you shocked? And what does this mean for your organizing?
GREGG HOUSH: I was surprised, definitely. I mean, the most surprising thing to me, though, was, you know, something that you just mentioned, the fact that the FBI basically allowed LulzSec/Anonymous to hack Stratfor and to dump all that data to WikiLeaks. They pretty much sacrificed Stratfor in the name of hunting down Julian Assange. And that's the strangest thing of all of this to me so far.
AMY GOODMAN: And the relationship between LulzSec and Anonymous? Let me go to our second guest, to Gabriella Coleman, a professor at McGill University. We just lost Gregg in Boston at the studio. Gabriella Coleman is a leading authority on the anthropology of digital media, hackers and the law. Her forthcoming book is called Coding Freedom: The Aesthetics and [the] Ethics of Hacking. Can you talk about these organizations, LulzSec as well as Anonymous, and their relationship?
GABRIELLA COLEMAN: Sure. So it's very interesting, because Anonymous isn't located in one place, nor is it just one group of people. There's various networks and nodes, from Latin America to Europe. They often work internationally. What was interesting about LulzSec, which also then became AntiSec, is that they were a small, clandestine group of hackers who worked in a very targeted fashion, while many of the other operations within Anonymous are far more open and participatory. And because of the nature of the activity they were doing, they had to be closed. And this created some tension within the wider Anonymous network. So on the one hand, there was support for the type of work they did; on the other hand, there was critiques of the ways in which they handle themselves and some of the hacks that they engaged in.
AMY GOODMAN: This issue of Sabu being the informant, Gabriella, the significance of this, following up on what Gregg said?
GABRIELLA COLEMAN: Well, on the one hand, it's not completely surprising. There had been rumors of infiltration or informants. At some level, Anonymous is quite easy to infiltrate, because anyone can sort of join and participate. And so, there had been rumors of this sort of activity happening for quite a long time. It also demonstrates, I think, with the case of Sabu, who got caught, supposedly because he one time connected without using a kind of anonymizing software tooland you have to sort of take many precautions in order to really fully anonymize yourself. There are many tools out there, but they don't necessarily work 100 percent of the time.
AMY GOODMAN: Now let's talk about how he got caught this summer. He gets caught, people don't realize that he was arrested, and it's then that he was turned?
GABRIELLA COLEMAN: Exactly. So he was arrested. He actually did vanish for a while off of Twitter and other networks, and then he returned. He had quite a bit of trust from a lot of people, and so, in some ways, his transition back was quite seamless.
AMY GOODMAN: Very quickly, we only have a few seconds: no names of prosecutors taking credit for theon the FBI press release, for the Anonymous/LulzSec arrests. That's what you tweeted.
GABRIELLA COLEMAN: Right, no names. I got that from Christopher Soghoian. And probably one of the reasons for this is to protect them from Anonymous attacks, as well, who have definitely gone after individuals, police officers, and so on and so forth.
AMY GOODMAN: And what this means for WikiLeaks and for the push to arrest Julian Assange again in the release of Stratfor emails? It looks like there's a sealed indictment, a secret indictment, against Assange that they discovered.
GABRIELLA COLEMAN: I think we will soon see whether the handover of information, emails from Anonymous to WikiLeaks will strengthen the case against Julian Assange, but that's definitely a possibility, although we don't have any firm information about it right now.
AMY GOODMAN: Gabriella Coleman, I want to thank you for being with us, professor at McGill University

[Peter Lemkin]

Anonymous Rocked by News That Top Hacker Snitched to Feds

• By Quinn Norton
  
• Email Author
  
• March 7, 2012 |
  
• 1:50 am |
  
• Categories: Anonymous
  

Follow @quinnnorton


On the heels of 25 arrests of Spanish-speaking anons last week, Anonymous was rocked Tuesday by the news that Hector Xavier Monsegur, the legal name of prominent antisec known as Sabu, has been cooperating with the FBI to hunt down other anon hackers from Lulzsec and Antisec.
The chatter on the anon IRC servers and anon-associated Twitter accounts ranged Tuesday from denial about Sabu's involvement to outrage and hatred for Monsegur. One who worked with Sabu as part of Antisec, the miltant and pranksterish arm of Anonymous, described themselves as "emotionally devastated" and "shocked" by the news.
"Sabu was in my opinion a great guy. I was woken up today with the message that the arrests happened. It came to me like an emotional bitchslap," said the anon in an online chat. "I know why I got kicked out of antisec now," the anon continued, intimating that Sabu did so to protect him/her from prosecution.

Another anon described Sabu as a mentor figure, saying Sabu had encouraged and taught him/her about Python programming.
"I honestly wouldn't have learned without him actually taking the time to give me some really pro tips… and show me that there was almost no limits to what you could do with it if you were doing it right."
But in the timeframe of Monsegur's arrest which occurred without public notice in the summer, this anon saw a change in Monsegur's behavior. Monsegur became more distant, and while he'd always displayed an un-Anonymous desire for fame that drew criticism, "after a certain point everything just became about him-him-him. And he'd randomly send out some almost cryptic messages about how it was all for Anonymous etc etc, but at a certain point I just stopped buying that. I think a lot of people did."
According to several anons, around this time Monsegur became interested in a wider range of operations, including those he'd not had previous involvement in.
But despite the changes and ultimate betrayal, many anons aren't ready to condemn Monsegur after hearing about the arrests of fellow anons due to his cooperation with the feds.
"It was either 124 years for Sabu, or 10 years each for the others," said the former antisec anon. "I get why he did it, but he damaged the collective because of his own problems. And Anonymous is not your personal army. Nor is antisec."
The possible 124-year sentence for Monsegur's crimes struck anons as out of proportion for his crimes. As one put it, "Sabu is approximately one Topiary and some cash less heinous than Bernie Madoff, according to the FBI using their measurement of prison time," referring to the purported age of one of the Lulzsec members Monsegur snitched on and the relatively light sentence of the billion-dollar ponzi scheme fraudster.
The information from Monsegur has led to further charges for Ryan Ackroyd and Jake Davis, who were previously charged for alleged participation in a hacking spree last spring. His cooperation also led to the arrest and indictment of Darren Martyn, and Donncha O'Cearrbhail in connection with Lulzsec, and Jeremy Hammond in connection with Antisec. In particular, Hammond is being prosecuted for the high-profile hack of Stratfor, a private intelligence firm relied on by major corporations, which led to the distribution of Stratfor's internal e-mail by Wikileaks last week.
Jeremy Hammond of Chicago appears to be a noted activist and hacker who has had previous brushes with the law, who has given a defcon talk on electronic civil disobedience, and even been profiled by Chicago Magazine.
On the day of the arrest, Monsegur's guilty plea was unsealed, claiming 12 counts, including conspiracy to commit computer hacking, and conspiracy to commit bank fraud, among other charges. No details of a plea deal that lead to his cooperation have been released.
As for the long run, many anons don't believe the effects will be profound.
"So the amount of information that both Sabu and crediblethreat (Hammond) have is pretty impressive," said an anon speaking to Wired. "We can assume now that the FBI has all of that information. So long as Anons had taken measures to remain Anonymous when dealing with those people it will be business as usual."
Anons also reposted a video recapping the group's outsized influence in 2011, perhaps as a way to suggest that the arrests wouldn't slow a group that has evolved from a malicious group of pranksters into a force to be reckoned with on the world's stage.

The anon kicked out of Antisec by Sabu put it this way in a chat with Wired on the IRC:

Anon: we need to pick our lives back up
Anon: and go on
Anon: antisec
Anon: anonymous
Anon: everything
Anon: I'll keep on doing what I have always done for Anonymous
Anon: You have seen it today
Anon: http://musterroom.com/ antisec goes on [referring to an Antisec-signed defacement of a small law enforcement chat site]
Anon: anonymous goes on
Anon: I think it was merely a speedbump for the collective
Anon: but a massive emotional bitchslap for individuals

Depending on what frame you look at Anonymous through, this may be true. While these arrests are devastating for the mediagenic hacking wing of Anonymous, other parts of the collective that more involved in traditional activism remain largely untouched. Anonymous activity against SOPA and other legislation in the USA, like the recent HR 347, and ACTA in Europe, are gaining steam. And the freedom ops involved with supporting protesters in the Middle East continue unphased.
That said, in what's inevitably going to be a long war between the law and those in Anonymous who believe in a greater justice outside of the law, the law won a big battle Tuesday, no matter how anons try to spin it.
Photo: Newton Grafitti/Flicker

• Post Comment |
  
• 23 Comments and 158 Reactions |
  
• Permalink
  

Hackers Vie for More Than $1 Million to Take Down Browsers

• By Kim Zetter
  
• Email Author
  
• March 6, 2012 |
  
• 10:31 pm |
  
• Categories: Cybersecurity, Hacks and Cracks
  

As alleged hackers from LulzSec and Anonymous contemplate the possibility of a life behind bars, other hackers are limbering up in Canada this week to vie for more than $1 million in prize money for their hacking prowess.
The annual Pwn2Own contest at the CanSecWest security conference is in its sixth year and aims to improve the security of the internet by challenging researchers to find zero-day vulnerabilities and develop exploits to attack them, while disclosing the findings to vendors to allow the companies to patch their products before the vulnerabilities can be exploited in the wild. The contest provides the makers of browser software and other applications with valuable information about security flaws in their products, without having to spend the time and resources to uncover the vulnerabilities themselves.
The targets this year are four browsers Microsoft's Internet Explorer, Apple Safari, Mozilla Firefox and Google Chrome. Contestants aim to own a browser or "pwn" in hackerspeak by using exploits to get the browser to run arbitrary code of the hacker's choice.
The browsers being targeted will be running on systems with fully patched versions of the Windows 7 or Lion operating systems.
Contestants earn points for various levels of exploits and the amount of time it takes to develop them, with the top three point-earners winning money awards. A working zero-day exploit against the latest version of any of the browsers, for example, earns the hacker or his team 32 points.
The person or team with the most points at the end of the contest will receive $60,000 from Hewlett-Packard, which sponsors the contest. Second place brings $30,000 and third place, $15,000. Additionally, the winners will receive the laptops on which the browsers were running during the contest. This year the laptops include two Asus Zenbooks and a Macbook Air.
The first year the contest was held in 2007, it took a contestant just five hours to discover an exploitable flaw in the Safari browser, and another four hours to write an exploit to attack it.
This year, Google has sweetened the pot with its own parallel contest focusing just on its Chrome browser. Although Chrome was one of the target browsers in last year's contest, no contestant took aim at it, leaving Google to go home with an empty exploit bag. This year to entice researchers, Google decided to sponsor its own contest, with up to $1 million in cash awards to anyone who can uncover vulnerabilities and develop working exploits for Chrome.
Google has pledged to pay multiple awards in the amounts of $60,000, $40,000 and $20,000, depending on the severity and characteristics of the exploits, up to $1 million. Winners will also receive a Chromebook.
"[W]e have a big learning opportunity when we receive full end-to-end exploits," Google's Chrome security team wrote in a blog post last month. "Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users."
The breakdown for Chrome exploit awards is as follows:

$60,000 "Full Chrome exploit": Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.

$40,000 "Partial Chrome exploit": Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug.

$20,000 "Consolation reward, Flash / Windows / other": Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. These exploits are not specific to Chrome and will be a threat to users of any web browser. Although not specifically Chrome's issue, we've decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.

 All winners will also receive a Chromebook.

Running parallel to the two contests will be a full schedule of security talks from Wednesday to Friday, focusing on such topics as vulnerabilities in the HDMI (High-Definition Multimedia Interace), bypassing firewall filtering and the legal issues around security research of mobile devices.

• Post Comment |
  
• 4 Comments and 62 Reactions |
  
• Permalink
  

LulzSec Leader Was Snitch Who Helped Snag Fellow Hackers

• By Kim Zetter
  
• Email Author
  
• March 6, 2012 |
  
• 10:07 am |
  
• Categories: Anonymous, Hacks and Cracks
  

A top LulzSec leader turned informant last year after he was secretly arrested, providing information to law enforcement that led to the arrests Tuesday of other top members of the hacking group, including one alleged to be deeply involved in December's Stratfor hack, federal authorities said Tuesday.
Hector Xavier Monsegur, a 28-year-old New Yorker who used the online name "Sabu," has been working undercover for the feds since the FBI arrested him without fanfare last June, a story first reported by Fox News. Monsegur provided agents with information that helped them arrest several suspects on Tuesday, including two men from Great Britain, two from Ireland and an American in Chicago.
The charges against them would complete any hacker's resume. They are accused of breaking into computer systems, deleting data, stealing confidential information "including encrypted and unencrypted sensitive personal information for thousands of victims," according to court documents (.pdf).
Monsegur, an unemployed father of two, led the loosely organized group of hackers from his apartment in a public housing project in New York. He pleaded guilty Tuesday to various hacking-related charges. Documents (.pdf) in his case were unsealed in New York federal court on Tuesday. The government did not say what type of plea deal was made with Monsegur, who theoretically faces a maximum 124-year sentence.
The record unsealed Tuesday generally references him as CW-1. Federal authorities declined comment on whether Monsegur was the informant. But in court records, Stephanie Christensen, an assistant U.S. attorney in Los Angeles, said (.pdf) Monsegur "is actively cooperating with the government and has indicated an intent to continue working proactively with the government. Defendant has provided the government with detailed information concerning the activities of certain individuals who are suspected of being involved in the unauthorized computer intrusions or hacks' into various computer networks of several well-known corporations."
Those arrested include Ryan Ackroyd, aka "Kayla" of Doncaster, United Kingdom; Jake Davis, aka "Topiary" of London; Darren Martyn, aka "pwnsauce" of Ireland; Donncha O'Cearrbhail, aka "palladium" of Ireland; and Jeremy Hammond, aka "Anarchaos"of Chicago.
Hammond, a member of Anonymous a group loosely affiliated with LulzSec is believed to be the main actor behind the hack of U.S. private intelligence company Stratfor in December, which resulted in the seizure of more than 5 million company e-mails, customer credit card numbers and other confidential information. The government said in a court filing that Hammond "used some of the stolen credit card data to make at least $700,000 worth of unauthorized charges." (.pdf) The Stratfor hackers publicly said they were using the cards to make donations to charity, and provided screenshots.
The secret-spilling site WikiLeaks has begun to publish the Stratfor e-mails via media partners around the world.
The records show that Texas-based Stratfor encrypted its clients' passwords, "but stored other client information, including credit card numbers and associated data, in clear text."
Sabu was one of the most outspoken and brazen of the LulzSec crew that rampaged across the internet last spring, though several of them were publicly arrested last year. However, Sabu fell silent in the summer, leaving a parting Tweet quoting the The Usual Suspects. But then he reappeared in September, denying that he'd been arrested. But many anons suspected that Sabu had been arrested, since other anons had published his identity online.
An anonymous blog post from November made the case that Sabu had turned state's evidence.

His reappearance was not much of a surprise, as it has been a frequent public rumored (and secretly verified) that Sabu was identified, apprehended by the FBI and turned to an informant. Over the past several months, all of the original LulzSec member except Sabu himself have been arrested. Even though Sabu has been publicly doxed and completely owned on several occasions. You may be asking yourself, why is he still free? The answer is Intel. The longer he is "free" is the longer that the FBI and other LEAs can gather information on other hackers and move in for more arrests. Simple as that.
Besides Sabu's rampant snitching and informing on this old friends, the Anonops IRC network has been hacked and rooted. Great news all around.

Brian Knappenberger, who has nearly completed a documentary on Anonymous called We Are Legion that is screening next week at SXSW, said he suspected as much when Sabu's Twitter feed stopped for a month and many Anons suspected it as well.
"When he went dark and tweeted the famous Usual Suspects line about the greatest trick the devil ever pulled was convincing the world he didn't exist, I thought then he was snatched up by the FBI. Then he came back a month later and like nothing ever happened like he took a break or just went on vacation," Knappenberger said. "I had a conversation with someone who said A little bird told me there is a reason they are not arresting Sabu' but whenever anyone said that on Twitter, Sabu would respond with string of obscenities."
The other four defendants, who the feds said were affiliated with Anonymous, are accused of a myriad of hacks on Fine Gael, HBGary Federal and Fox Broadcasting Company, according to court records.
The four called themselves "Internet Feds," the government said.
The authorities added that Ackroyd, Davis, Martyn and Monsegur, "as members of LulzSec," conspired to hack PBS "in retaliation for what LulzSec perceived to be unfavorable news coverage in an episode of the news program Frontline,'" which had broadcast a documentary on WikiLeaks in May.
Additonal reporting and writing by David Kravets and Ryan Singel

[Magda Hassan]

What has Sabu taught Anonymous?

That you are responsible for your own anonymity. You can't trust your friends, or even a paid service, to do that for you. Taking risks draws attention and puts your anonymity at risk.

That Anonymous scares law enforcement enough for them to spend resources handling informants and attempting to infiltrate agents into the "organization".

That our strength is multiplied by our disarray. We are not an organization, we are a network through which information spreads. We disseminate information and respond to it as a collective of like-minded individuals working towards a common goal faster than any organization could ever hope to.

That Anonymous doesn't flinch.

We are Anonymous.
We are Legion.
We do not forgive.
We do not forget.
Expect us.

[Magda Hassan]

Was Anonymous' Hacker-Informant Sabu A Tool Of FBI Entrapment?

In a typical criminal conspiracy takedown, lower-level minions are flipped to inform on a crime syndicate's boss. But in the investigation of LulzSec, the hacker splinter group that broke off from Anonymous last summer, the FBI seems to have found a snitch in none other than the conspiracy's ringleader and organizer, the 28-year-old hacker known as Sabu.

Which raises a strange question: As the FBI worked to take down the radical hacktivist group over the last months, was it also egging it on?
Yesterday it was revealed that Hector Xavier Monsegur, the alleged hacker known as Sabu, had been acting as a government informantsince as early as last June, helping to provide the FBI with information that led to three more arrests of alleged LulzSec-related hackers yesterday, along with new charges against two of the other related defendants. The help of the Spanish-speaking Monsegur may have even aided the arrest of 25 other alleged members of Anonymous in Spain and South America late last month.
But criminal defense lawyers for those accused hackers are no doubt poring over his communications with their clients, and looking for evidence of entrapment: the defense that the U.S. government, with an influential member of Anonymous as their pawn, pushed hackers into the same illegal acts for which they're now prosecuting them.
Months after Monsegur began cooperating with law enforcement, his Twitter feed (with 45,000 followers) continued to rally his hacktivist "brothers" to attack governments and private corporate targets. A message he wrote in late December asked for fellow hackers to give him stolen documents so that they could be published under the banner of "Antisec," the sub-movement against the security industry in which he was a vocal organizer. "Leakers, security researchers or hackers who have vulnerabilities or leaked docs contact us," Monsegur wrote.
After the assassination of Iranian nuclear scientists in January, he called for hacking attacks on Israel. "Since #israel started the week by blowing up Iranian nuclear scientists how about we focus on disrupting their infrastructure?" he wrote to his followers.
As recently as last month, Monsegur was inciting attacks on Interpol in retaliation for arrests of his fellow anons. "Hackers of the world: Interpol has declared war on hackers," he wrote. "Time to strike back. Infiltrate." The denial of service attack on Interpol's website that followed took the site down for around half an hour."AA
And perhaps most significantly, Monsegur seems to have taken an active part in the attack on the private intelligence think tank Stratfor, whose millions of stolen emails are now being released by WikiLeaks. In fact, the indictment of 27-year old Chicagoan Jeremy Hammond, unsealed Tuesday, states that an informant under the name Cooperative Witness One or "CW-1″ in New York convinced Hammond to move stolen Stratfor data to a server that the informant provided. Given that there are no other indicted members of LulzSec in New York, CW-1 is no doubt Monsegur.
In other conversations between Monsegur and Hammond included in the indictmentand there's no telling what Monsegur may have said that wasn't quote by prosecutorsMonsegur explicitly encourages illegal hacking and disclosure of stolen info.
"Wanna release that list of 92% cracked Stratfor hashes?" he asks Hammond at one point. Hammond replies to Monsegur that it's "Your call."
"If I get raided anarchaos your job is to cause havok in my honor," Monsegur tells Hammond later, using one of the hacker's pseudonyms.
"It shall be so," Hammond responds.

Whether this kind of encouragement and support for illegal hacking rises to the level of entrapment, however, is far from clear, says Electronic Frontier Foundation attorney Hanni Fakhoury. The legal definition of entrapment hinges on two separate issues: Inducement and predisposition. To meet the "inducement" requirement, the government must be actively "authorizing, directing or supervising" the defendant's criminal behavior. And to pass the second criteria, the defendant has to be shown to have not had a predisposition to commit that crime without the government's encouragement.Fakhoury cautions that the case for any defendant associated with Monsegur would depend on the specific facts of that person's behavior and communications with Monsegur. But he believes the first element of entrapment may strongly apply in some of the indicted hackers' cases, while the predisposition case will be more difficult to argue. "I think inducement is pretty clear here," says Fakhoury. "The government knew what [Monsegur] was doing. Much harder will be proving pre-disposition: that the defendants weren't already predisposed to engage in that [illegal] behavior."Given that members of Anonymous often openly discuss their motivations and gain status in the group by acting on their own initiative, prosecutors may have an easy time showing that any defendants in Monsegur's circle were already predisposed to hacking. "They're pretty vocal about their tactics and their policies and what they want to do," says Fakhoury. "A traditional entrapment case is someone who's pressured into something. These individuals aren't usually pressured, and they often make statements like This is why I'm involved in Anonymous and this is what I'm doing.'"In other areas, particularly domestic terrorism, the FBI has been known to weave complex scenarios around suspects to actively tempt them into committing crimes. In the case of the "Newburgh Five," a group of New York men charged with plotting to bomb synagogues in the Bronx and shoot down military airplanes, the FBI informant in many respects functioned as the primary organizer of the plot, offering to supply the group with its explosives, a BMW, a $250,000 payment. As for the "terrorists" themselves, they were hardly capable of carrying out the attack on their own: None even had a driver's license.In another case, two activists at the Republican National Convention were arrested and convicted on terrorism charges for making Molotov cocktails. Aslaid out in the recent documentary "Better This World," the pair had been mentored in radical activism for over a year by a well-known activist-turned-FBI-informant who encouraged them to abandon more pacificist measures.Despite cases like these, none of the 10 terrorism prosecutions involving informants over the last decade has successfully used an entrapment defense. "In short, if a suspicion of entrapment seems a viable starting-point for a defense, forget it," attorney Karen Greenberg wrote in an editorial in the Guardian. "Find another strategy with which to defend your client."In the case of Monsegur, the EFF's Fakhoury says the case does indeed smell "fishy." "Is the government manufacturing crime in order to prevent it?" he asks. "Something about it definitely doesn't seem right."And whether or not an entrapment defense will win out for any of Monsegur's fellow hackers, Fakhoury expects the issue to appear in their upcoming trials. "I don't think this will necessarily be that successful a defense," he says. "But it's one that should absolutely be raised by any good defense attorney."

http://www.forbes.com/sites/andygreenber...rapment/2/

[Magda Hassan]

Wikileaks Stratfor email dump could be FBI sting

Wikileaks obtained Stratfor e-mail from group infiltrated by FBI...
By Patrick Gray


March 7, 2012 -- Global law enforcement swooped overnight, arresting a handful of online miscreants who, between them, have generated more headlines than the rest of the online underground put together.
That's right, LulzSec has been comprehensively pwnt. Some were arrested yesterday in raids, others, arrested some time ago, had their indictments unsealed by the courts.
But it was the news that online Anonymous hero Sabu, aka Hector Xavier Monsegur, had beenacting as an FBI snitch since August 2011 that came as a shock to many.
It shouldn't have.
Back in September 2011, Sabu returned to Twitter after a one month hiatus as rumours of his arrest swept the Internet. He had indeed been arrested and flipped. By the time he logged back on to Twitter he was an active asset of the FBI.
The game had been up for Sabu since June 2011 at the latest. His identity had been well and truly exposed, with multiple pastebin posts unmasking him.
You would think anyone with half a brain would keep their distance from a high-profile target who was rumoured to be arrested, disappeared for a month, then reappeared.
But no. Everyone stayed tight. That's how the attackers allegedly behind the HBGary Federal attack, Stratfor's mail leak, the law-enforcement con call wiretap and attacks against Sony Entertainment have all wound up in the clink.
None of this matters. The real play here could be for Wikileaks and its founder Julian Assange.
We know these are the people who stole Stratfor's e-mail. This is the e-mail Wikileaks recently began publishing and releasing to its "media partners". We also know that this particular group of hackers had been completely and utterly compromised by the FBI.
Is it possible that the idea of passing Stratfor's mail on to Wikileaks, instead of just publishing it to the Internet, was in fact the FBI's idea? This group published HBGary's stolen mail directly to the Internet, why change now? Could it be that Sabu, at the behest of the FBI, was advocating a different approach?
You would think that the negotiated handover of illegally obtained data could open up all sorts of conversational possibilities. If a Wikileaks staffer asked these anon contacts to illegally obtain more information from other targets, I imagine that would be legally problematic.
The trick for the US Department of Justice could be trying to portray Wikileaks as the document laundering arm of Anonymous.
You can bet your bottom dollar that any communications between Wikileaks and this group were monitored, but it will be some time before we know if prosecutors can make hay from them.
Listen to Wired.com's news editor Kevin Poulsen discuss the Stratfor email dump. (24 mins in.)
http://risky.biz/wlfbi