Arrests Sow Mistrust Inside a Clan of Hackers

Hector Xavier Monsegur, AKA Sabu: an unemployed man from New York who is allegedly the mastermind of LulzSec
Hector Xavier Monsegur, AKA Sabu: an unemployed man from New York who is allegedly the mastermind of LulzSec


By: Somini Sengupta

Posted: March 6th,2012

For months, The Real Sabu, as he called himself on Twitter, boasted, cursed and egged on his followers to take part in computer attacks against private companies and government agencies worldwide.

“Don’t give in to these people,” he wrote on Monday, ridiculing “cowards” in the federal government. “Fight back. Stay strong.”

It turns out that Sabu had become an informant for federal law enforcement authorities. On Tuesday, in what could be one of the biggest breakthroughs in the government crackdown on a loose, large confederation of politically inspired “hacktivists,” he was unmasked and revealed to have helped the authorities catch several fellow hackers in Europe and the United States.

Four men in Britain and Ireland were charged Tuesday with computer crimes; a fifth man was arrested Monday in Chicago.

Court papers identified Sabu as Hector Xavier Monsegur, 28, of New York. He pleaded guilty last August to a dozen counts of conspiracy to attack computers. He had operated since then as usual — as The Real Sabu, instigating attacks and quoting revolutionaries online.

The prosecutions are part of a wave of coordinated efforts to rein in a leaderless, multinational movement called Anonymous, which has drawn attention for its protests against the Church of Scientology and in support of the whistle-blower site WikiLeaks. It has spawned spinoffs with different names and insignias, among them LulzSec, which claimed to attack computer security companies for laughs, or lulz, and of which Sabu was a prominent, outspoken member.

Just last week, Interpol announced the arrests of 25 people suspected of being Anonymous members in Europe. Sabu reacted to that news on Twitter by urging others to attack Interpol’s Web site.

Mr. Monsegur’s base of operations seems to have been his late grandmother’s sixth-floor apartment in a public-housing project on the Lower East Side of Manhattan. He was apparently self-trained, and he appears to have been equally skilled at hacking and deceiving his fellow hackers. His downfall, if nothing else, will sow even more distrust and dissension in the ranks of Anonymous.

“It is going to be very difficult for Anonymous to recover from such a breach of trust,” said Mikko Hypponen, a security researcher at F-Secure Labs in Helsinki. “You can see the Anonymous people now looking left and right and realizing, if they couldn’t trust Sabu, who can they trust?”

Whether this will temper the larger hacker cause remains to be seen. Anonymous is a decentralized movement that is, broadly speaking, opposed to state institutions and the companies that work with them, and its members have embraced an ever-shifting variety of causes, including animal rights and democracy in the Middle East.

The ranks are steadily replenished with people of varying skills. The targets have included Fox News, Sony, the government contractor HBGary and the Federal Bureau of Investigation. Favored tactics are either to start brute-force attacks aimed at slowing or shutting down sites, or to break into computer systems and expose embarrassing communications.

Gabriella Coleman, an anthropologist who studies the Anonymous movement and teaches at McGill University in Montreal, said she expected the latest prosecutions would most likely have “a chilling effect” on their hacking tactics.

“These are moments of massive reflection — who are we, what do we want to be?” she said of Anonymous.

The group’s latest highly publicized breach was of the geopolitical analysis firm Stratfor. Its system was first penetrated last December, and the hackers exposed its customers’ names and e-mail addresses. Then, starting last week, its internal communications were released on the Internet by a new partner, WikiLeaks.

On Monday night, the F.B.I. arrested Jeremy Hammond, 27, of Chicago, in connection with the Stratfor breach. Mr. Hammond is charged with stealing credit card information and using some of it to rack up more than $700,000 in charges.

Read More: Page 2