LulzSec Hacktivists Arrested, Anonymous Strikes Back

March 7, 2012

Hackers claiming to belong to the decentralized online organization Anonymous say that they have defaced multiple websites belonging to online defense firm Panda Security in retaliation to a trans-Atlantic investigation exposing one of Anonymous’ best-known hackers “Sabu” (Hector Xavier Monsegur) as an alleged FBI informant, according to an AP report.

An FBI press release from March 6, 2012, states that five hackers in the U.S. and abroad from groups related to Anonymous, including “Internet Feds,” “LulzSec” and “AntiSec” have been arrested and charged with computer hacking and other crimes. The allegations against Ryan Ackroyd, Jake Davis, Darren Martyn, Donncha O’Cearrbhail and Jeremy Hammond are all based on information from Monsegur’s guilty plea in August 2011, the report said.

This plea detailed several key attacks allegedly featuring these hackers or their organizations. Between December 2010 and June 2011, Monsegur and other Anonymous members took credit for denial of service (DoS) attacks against the Visa, MasterCard and PayPal websites as retaliation for these companies’ refusal to process conations to Wikileaks, according to the FBI report.

“Between December 2010 and May 2011, members of Internet Feds similarly waged a deliberate campaign of online destructions, intimidation, and criminality,” the report stated. “Members of Internet Feds engaged in a series of cyber attacks that included breaking into computer systems, stealing confidential information, publicly disclosing stolen confidential information, hijacking victims’ e-mail and Twitter accounts, and defacing victims’ Internet websites.” According to the report, Ackryod, Davis, Martyn, O’Cearrbhail and Monsegur, through Internet Feds, stole confidential data pertaining to 80,000 user accounts from HBGary, Inc., and data from another 70,000 potential contestants on the FOX network show “X-Factor.”

Hammond and co-conspirators from AntiSec, an offshoot of Anonymous, allegedly infiltrated Stratfor, a private firm providing governments and others with independent geopolitical analysis, and stole confidential information from 860,000 users, the report said. They also stole credit card information from 60,000 users and made unauthorized charges on those accounts exceeding $700,000.

The hackers are facing 15 to 30 years of prison time for computer hacking conspiracy and intentionally disclosing an unlawfully intercepted wire communication, according to the FBI report. Monsegur is facing a maximum sentence of 124 years and six months in prison for conspiracy, hacking, fraud, and aggravated identity theft.

Panda Security, based in Bilbao, Spain, has acknowledged the attacks but maintain that its main site wasn’t compromised, the AP report said.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.