For a while, it seemed that the hacker group with the silly name was running rings around the FBI. In the end, however, it appears it was the FBI running the show.
In the summer of 2011, LulzSec – supposedly short for “Lulz Security” – erupted out of nowhere and began a flashy string of hack attacks. They successfully went after major targets such as the Sony Corporation (which was forced into a public apology,) the U.S. Senate, PBS, and even the CIA. Their targets seemed to pop up randomly and their boastful Twitter feed became a must read for anyone interested in cyber security. For about two months, LulzSec was the “It” girl of hackers.
Then came the public questions as to whether LulzSec was a group of disgruntled Anonymous hackers, and whether the two groups were fighting with each other. Unlike Anonymous, which tended to target opponents more for ideological reasons, LulzSec seemed happy to embarrass anyone, releasing reams of private information and generally making a lot of mischief on the web for, in their words, “…the lulz.”
Yet before anyone could answer these questions, LulzSec disappeared. “It’s time to say bon voyage,” they posted on their website (now removed.) “Our planned 50 day cruise has expired, and we must now sail into the distance, leaving behind – we hope – inspiration, fear, denial, happiness, approval, disapproval, mockery, embarrassment, thoughtfulness, jealousy, hate, even love.”
And just like that, LulzSec was gone. Or were they?
In late July, “AnonymousSabu”, thought to be one of LulzSec’s founders, threatened more hacks and new collaborations, either with unnamed media outlets or, possibly, with other hacker offshoots like AntiSec or AnonOps. A week later, once again, LulzSec seemed to disappear, but this time with no public flourish or smart-mouthed braying. Now we may know the reason why.
On Monday, March 6, the FBI arrested five individuals (one in the US, two in Britain and two in Ireland) that it says were involved in the LulzSec hacks. Further, according to documents unsealed in court, 28-year-old Hector Xavier Monsegur, a.k.a. “AnonymousSabu,” and LulzSec leader, has been cooperating with the FBI since August, turning over evidence and setting traps to snare his former LulzSec conspirators.
“As a result of Monsegur’s cooperation, which was confirmed by numerous senior-level officials,” reports Fox News, “the remaining top-ranking members of LulzSec were arrested or hit with additional charges Tuesday morning.” Jana Winter of Foxnews.com, in a sidebar feature, writes that Monsegur pleaded guilty August 15, 2011 to ten charges related to his hacking activities. In a plea deal, she writes, Monsegur agreed to turn evidence on his colleagues:
“Flipping Monsegur wasn’t easy. But with a charge of aggravated identity theft and a two-year prison sentence to hang over his head, the FBI forced Monsegur to weigh the political beliefs that drove him and his allegiance to cohorts around the world against his desire to be with his kids—he is the guardian of two children—and his extended family.
‘He didn’t go easy,’ a law enforcement official involved in flipping Sabu told FoxNews.com. ‘It was because of his kids. He didn’t want to go away to prison and leave them. That’s how we got him.’”
A Coda: One of @AnoymousSabu’s last tweets, sent just one day before the arrests of his fellow Lulzers, reads:
“Without informants or companies bending over+giving up their customer data the feds would be further behind than they are now. Ride up.”
Who’s got lulz now?