FBI Hits Back: Arrests LulzSec and Anonymous Members with the Help of Kingpin Sabu

After being repeatedly embarrassed and discomforted by Anonymous and its various offshoots, the feds have finally managed to land a telling blow on the notorious band of hackers. Fox News is reporting that Kayla (Ryan Ackroyd), Topiary (Jake Davis), pwnsauce (Darren Martyn), palladium (Donncha O’Cearrbhail), and Anarchaos (Jeremy Hammond) have been arrested in an intercontinental raid. The hackers were picked up from USA (Chicago), UK (London), and Ireland.

The arrests tell only part of the story. The real kicker is in the details. Apparently, the feds managed to track down Sabu, the kingpin of LulzSec and one of the leaders of Anonymous, in June, 2011. The man behind some of the most notorious attacks in the past 18 months turned out to be Hector Xavier Monsegur – an unemployed, 28-year-old father of two. Facing the charge of aggravated identity theft, which carries a two-year prison sentence, Sabu agreed to drop all his moral convictions and teamed up with the FBI. Turning him wasn’t easy, and ultimately it was the prospect of staying away from his kids that swayed him. Since then, Sabu has continued to work with the FBI, often from their offices, to help collect proof against his co-conspirators.

Although today’s news will send shockwaves through Anonymous, this wasn’t totally unexpected. Sabu had been doxed towards the end of last year itself, and several hackers believed that he was snitching. Here are excerpts from a prophetic interview given by Virus:

6:15:39 PM virus: he disappeared for a week, I don’t recall what day
6:15:52 PM virus: but when he returned he said his grand mother died and that’s why he was MIA
6:16:01 PM virus: after that he started offering me money to own people

6:19:19 PM virus: another reason why I believe he was converted after he disappeared and returned is everybody else started getting arrested one by one starting with ryan clearly, who was their ddos bitch
6:19:29 PM virus: yes, I believe he cut a deal to save himself

Back in November, Jester and others uncovered Sabu’s real name, email address, address, pictures and other personal details. Here is some of the material about Sabu that was already available on the internet:


Sabu’s grandmom with his and his dad’s pictures (source)

Even though many members of the inner circle had already predicted today’s events, it is still a massive blow to Anonymous. Not only have they lost several of their most visible faces, but they have been betrayed by their de facto leader.

The Antisec Team Strikes At Online Security Supplies Store

Continuing their role of being a silly bunch of hackers with vague goals and assaulting easy-to-hack sites and then twisting their victims to somehow fit into their agenda, the #Antisec team of [probably] Anonymous has struck again! Now as you can see, I have a poor opinion about these attacks. This is mostly due to their terrible handling of the previous attack on Stratfor and misappropriating (stealing) money from credit cards. Now I do not know what wrong Stratfor, or their latest target SpecialForces.com, did, but merely standing by and doing business is something these Anons cannot stand. As I have said before, we live in sad times.


The pretext that Antisec put up to attack SpecialForces.com, a security gear supply store (they stock items like knives, combat apparel and the like), is that it merely exists:

[W]e are announcing our next target: the online piggie supply store SpecialForces.com. Their customer base is comprised primarily of military and law enforcement affiliated individuals, who have for too long enjoyed purchasing tactical combat equipment from their slick and professional looking website.

According to the group, which is yet to be properly identified (they just mentioned Merry LulzXmas and #Antisec in their release and since they mentioned Stratfor, I am assuming they are Anonymous), this attack is indirectly related to the pepper spraying cop of UC Davis fame. How very… precise, Anons.

We will have more on this as it develops.

UK Police Identifies Topiary as Jake Davis, Both LulzSec and Topiary Twitter Accounts Silent For Now

A few days ago, LulzSec made a comeback with its parent group Anonymous for #OpPayPal against PayPal. It also shot Lulz cannons against Murdoch and his News Corp, and released confidential documents relating to FBI contractor ManTech International. ManTech International also does business with the USAF, NSA, Marine Corps and the Defense Intelligence Agency.
LulzSec made a comeback, but is anyone here impressed? For instance, Kaushik had this to say about LulzSec.

Considering the little amount of mayhem that LulzSec caused and the disproportionately high amount of chest thumping they gave themselves, they always seem to be on the threshold of quitting.

I will not delve into how much everyone hates LulzSec. With the arrest of Topiary, the Lulz boat has lost its Jack Sparrow. Topiary was the showstopper and public face of LulzSec. After his arrest, LulzSec has not spoken on its official Twitter account. Although his participation in the recent hacks was not remarkable, he held an important position in the group.

Topiary was also a part of Anonymous. Days before his arrest, his Twitter account was wiped clean and only one tweet remained:

You cannot arrest an idea.

After the arrest on Wednesday, the Metropolitan Police are confident they have the right man. Although the arrested Jake Davis does not match earlier speculated details (of him being Swedish and 23 years of age), the Metropolitan Police department is going ahead with the prosecution. Jake Davis will appear in court tomorrow.

Anonymous Strikes, Releases Confidential Documents Belonging to FBI Contractor ManTech International

Anonymous, working together with LulzSec and other hackers, has struck again. As a part of its Operation Antisec, Anonymous has released close to 400 megabytes of documents belonging to FBI contractor ManTech International. Ironically enough, ManTech proudly claims to specialize in tackling some of the most challenging cyber security problems facing our nation.

In the recent past, Anonymous and LulzSec have been actively targeted by law enforcement agencies around the world. The FBI alone arrested 16 suspected Anonymous members earlier this month. In response, Anonymous has continued to strike high profile targets such as defense contractor Booz Allen Hamilton and NATO.

The documents leaked by Anonymous include everything from photographs to income statements and strategic plans. Last year the FBI outsourced its cyber security responsibilities to ManTech for $100 million. However, it’s not the sole federal agency that is served by ManTech. The National Security Agency, U.S. Navy, Air Force, Army, Marine Corps, and Defense Intelligence Agency are some of the other esteemed clients of ManTech. In fact, an overwhelming proportion of the leaked documents pertain to NATO. ManTech was also possibly chosen because of its involvement in the planned smear campaign against WikiLeaks (dubbed Operation MetalGear), along with HBGary.

ManTech’s Official Response

It’s unclear exactly how much the recent spate of arrests has hurt Anonymous. Earlier this week, UK Police claimed to have arrested Topiary, one of the major forces behind LulzSec. However, recent reports suggest that the law enforcement agencies might have been carefully and intentionally misled into arresting the wrong person. One thing that is clear, though, is that Anonymous doesn’t have any intention of giving up.

#Antisec Release

#OpPayPal is the New Hacktivist Operation from LulzSec and Anonymous

I think I should start this post by stating that there is a blurred distinction between Anonymous and LulzSec in the shady realms of the internet. Even in the face of this harsh reality, I have general contempt for the immature and mischievous LulzSec while I am not apathetic to Anonymous who are generally a more mature lot.


Considering the little amount of mayhem that LulzSec caused and the disproportionately high amount of chest thumping they gave themselves, they always seem to be on the threshold of quitting. Their latest communiqué comes on the heels of Anonymous’ #OpPayPal (the hashtag on Twitter for operation PayPal), a worldwide boycott of PayPal because they are still not allowing donations to Wikileaks, and threatens PayPal with cracking into their vaults (emphasis added):

The hateful fiends at PayPal have unleashed FBI sea dogs to hunt down some of the more beloved members of our battlefleet. That is why we have decided to raise anchor and leave harbour for one final journey on the seven proxseas. We’ve set our LulzCannon’s sights on the smarmy pirates of PayPal and will take no prisoners. They have not kept their most important booty safe. We find this very troubling, as it is not even their booty! Take this as a warning from your friendly LulzBoat captain. Wise little LulzLizards should withdraw their funds from PayPal before we do.

The LulzSec twitter account is also buzzing with a lot of anti-PayPal propaganda and suggesting a lot of alternatives for the service. We are not great fans of PayPal ourselves, but at least we do not break into the accounts of customers and steal their hard-earned money. It seems LulzSec is threatening to do exactly that.


Are you listening PayPal? Even if it is an empty threat, you should secure your network just to be safe.

Anonymous & LulzSec Tell FBI To Go Fish

Over the past couple of days the FBI has been making arrests in and around New York City with regards to the PayPal breach carried out by Anonymous back in December 2010. Over 14 people were arrested on Tuesday and several more searches are underway.

Back in December 2010, Anonymous had attacked PayPal because they had stopped or closed down accounts of . The shutdown was done because of the leak of classified U.S. documents by Wikileaks. After the PayPal breach, Anonymous continued destructing several other websites including those of MasterCard and Visa.


The FBI had been on the trail of suspects for a long time, but they finally managed to make some arrests after almost 8 months. However, the arrests have hardly shaken Anonymous and the recently notorious LulzSec, who have grown in popularity over the past few months and had also recently attacked Rupert Murdoch’s newspapers because of the phone hacking scandal.

In an open letter to the FBI, Anonymous and LulzSec have basically asked the FBI to F*** Off. The response came after the deputy assistant FBI director Steven Chabinsky gave the following statement to NPR:

"We want to send a message that chaos on the Internet is unacceptable, [even if] hackers can be believed to have social causes, it’s entirely unacceptable to break into websites and commit unlawful acts."

The hacktivists replied to this message by arguing that governments are lying to their citizens, trying to keep them under control and curtailing their freedom. Along with that, corporations and lobbyists are conspiring with the governments while collecting billions in funds for federal contracts.

They have also clearly stated that the "governments and corporations are their enemy" and they will continue to fight them. Additionally, Anonymous and LulzSec seem to have no fear in this world anymore and are claiming to be unstoppable:

We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing – absolutely nothing – you can possibly to do make us stop.

This is definitely a direct attack on the FBI and their security and will ensure a cat-and-mouse game between the government and the hacktivists. It is definitely not the end and the authorities will have to fight a painful battle on the internet against people they might never be able to catch.


The drama is yet to unfold. The next few months or years will show how this will pan out and who will win the battle. In the meantime, you can read the entire Anonymous & Lulz Security Statement below:

Hello thar FBI and international law authorities,

We recently stumbled across the following article with amazement and a certain amount of amusement:


The statements made by deputy assistant FBI director Steve Chabinsky in this article clearly seem to be directed at Anonymous and Lulz Security, and we are happy to provide you with a response.

You state:

  "We want to send a message that chaos on the Internet is unacceptable, [even if] hackers can be believed to have social causes, it’s entirely unacceptable to break into websites and commit unlawful acts."

Now let us be clear here, Mr. Chabinsky, while we understand that you and your colleagues may find breaking into websites unacceptable, let us tell you what WE find unacceptable:

* Governments lying to their citizens and inducing fear and terror to keep them in control by dismantling their freedom piece by piece.

* Corporations aiding and conspiring with said governments while taking advantage at the same time by collecting billions of funds for federal contracts we all know they can’t fulfil.

* Lobby conglomerates who only follow their agenda to push the profits higher, while at the same time being deeply involved in governments around the world with the only goal to infiltrate and corrupt them enough so the status quo will never change.

These governments and corporations are our enemy. And we will continue to fight them, with all methods we have at our disposal, and that certainly includes breaking into their websites and exposing their lies.

We are not scared any more. Your threats to arrest us are meaningless to us as you cannot arrest an idea. Any attempt to do so will make your citizens more angry until they will roar in one gigantic choir. It is our mission to help these people and there is nothing – absolutely nothing – you can possibly to do make us stop.

  "The Internet has become so important to so many people that we have to ensure that the World Wide Web does not become the Wild Wild West."

Let me ask you, good sir, when was the Internet not the Wild Wild West? Do you really believe you were in control of it at any point? You were not.

That does not mean that everyone behaves like an outlaw. You see, most people do not behave like bandits if they have no reason to. We become bandits on the Internet because you have forced our hand. The Anonymous bitchslap rings through your ears like hacktivism movements of the 90s. We’re back – and we’re not going anywhere. Expect us.

LulzSec Returns, Aims Its Cannons at Rupert Murdoch

The phone hacking scandal that started at the now-defunct British tabloid News of the World has shaken up Rupert Murdoch’s media empire, News Corporation. Newspapers across the world are hungrily tearing at News Corp and its subsidiaries, because they engaged in illegal and obstructive activities to create the tabloid-worthy news. Can the righteous anger of the Internet be far behind?

Apparently the scandal was enough for our favorite privateers, the LulzSec, to stage a return.


They changed a Times redesign page to look like The Sun, with the main story being that of Rupert Murdoch’s death by palladium ingestion. (The site has now been taken down.)

Rupert Murdoch, the controversial media mogul, has reportedly been found dead in his garden, police announce.
Murdoch, aged 80, has said to have ingested a large quantity of palladium before stumbling into his famous topiary garden late last night, passing out in the early hours of the morning.
“We found the chemicals sitting beside a kitchen table, recently cooked,” one officer states. “From what we can gather, Murdoch melted and consumed large quantities of it before exiting into his garden.”



To further their claims, LulzSec redirected The Sun’s .co.uk domain to their Twitter feed. (This has also been shut down, as the domain does not work now.)


How wonderful that these jolly rogers have come back! Rum and grog everywhere…NOT! It seems to me that these hackers have found yet another easy exploit for these newspaper websites, considering that they do not expect much of a security threat. Down the road I see yet another email grabbing mission from LulzSec and a general annoyance for News Corporation. If there was anything at all that points towards LulzSec’s immature nature, it is this return to fight injustice.

The Only Good That Came out of Lulzsec- Good Publicity for CloudFlare

Over the last few months, LulzSec has ransacked the Internet, causing mayhem. They started out with some bright zeal but their downfall was full of pathos. As time went by, it became clearer: they were a group of immature hacktivists who will lay their hands on just about anything. At the end, their Lulz boat hit rock and this caused their hasty exit. Long story short, their disoriented nature brought upon them a sense of aimlessness.


This debacle might result in stringent laws that would curb many freedoms people enjoy online. However, in the midst of all this fiasco, a company specializing in web caching and spam security got all the attention they ever needed. CloudFlare was the unsung passive hero in this LulzSec affair and it deserves applause here.

The CloudFlare blog starts the story with,

Thursday, June 2, 2011 was an otherwise unremarkable day in our office until we got word that LulzSecurity.com, a site that had quietly registered for CloudFlare earlier the same day, had allegedly published information it obtained from hacking the Sony Pictures’ website.

Within hours of the publication, we got notes from concerned individuals asking us to remove LulzSecurity.com’s website.

CloudFlare gives excellent protection against spam. However, it has also resulted in additional benefits, like a drastic increase in website performance and massive bandwidth saving for many websites. Overall, CloudFlare is on hot wheels after the LulzSec affair. I am not highlighting LulzSec and its deeds in this post. LulzSec has been ridiculed enough already! CloudFlare was questioned a lot on it providing service to the LulzSec website. What I am definitely advocating here is how CloudFlare handled the matter with utmost care both at an administrative and at a technical level. Neither did they allow themselves to be bullied into censoring content they serve, nor was their network compromised after repeated attempts. Better still, they utilized the attempted hacks on them to define a better ruleset. You can read all about it in their official announcement. Also, read Netcraft’s analysis of CloudFlare traffic from this affair.

Here is an explanation of how CloudFlare takes your website to the very next level. You can catch the video at Vimeo here.

Find out if Your Account Was Compromised and Leaked in Recent Hacks

For the past month or so, a group called Lulzsec has been causing havoc on the internet. They have been hacking servers and leaking usernames and passwords on the internet.

Should I Change My Password

Earlier today, Groupon India was hacked too; however, it is not known who was behind the hack. As a user, it is definitely difficult to find out if your account has been compromised or not. However, a new website called "Should I Change My Password" is allowing users to search the database of leaked accounts to see if their account has been compromised.


All you need to do is enter the email address for your account and click on the "Check it!" button. It will then search the databases that have been released by hackers to the public and see if your email address exists in them.

I would further add that regardless of whether your email was leaked or not, update your password immediately. It takes only a few minutes and you can easily create strong passwords or use tools to generate strong passwords.

(via LH)

Editorial: LulzSec, AntiSec and Why the Internet is a Sadder Place Now

About thirteen hours prior to the writing of this piece, a very special surprise booty was dropped by the infamous hacker group LulzSec, over Twitter. The 50 Days of Lulz statement and the accompanying torrent link with their last bountiful booty of 812,000 emails, AOL and AT&T internal data and some other random information hacked off several servers, signified the end of the six-man self-appointed hacktivist group.


Their almost poetic farewell message was all about saying how much they cared about the very people they chose to disrupt, and how the world is a better place now since they have shown how a common man can spread anarchy so easily (emphasis added):-

We are Lulz Security, and this is our final release, as today marks something meaningful to us.

For the past 50 days we’ve been disrupting and exposing corporations, governments, often the general population itself, and quite possibly everything in between, just because we could. All to selflessly entertain others – vanity, fame, recognition, all of these things are shadowed by our desire for that which we all love. The raw, uninterrupted, chaotic thrill of entertainment and anarchy. It’s what we all crave, even the seemingly lifeless politicians and emotionless, middle-aged self-titled failures. You are not failures. You have not blown away. You can get what you want and you are worth having it, believe in yourself.

While we are responsible for everything that The Lulz Boat is, we are not tied to this identity permanently. Behind this jolly visage of rainbows and top hats, we are people. People with a preference for music, a preference for food; we have varying taste in clothes and television, we are just like you.

Together, united, we can stomp down our common oppressors and imbue ourselves with the power and freedom we deserve.

So with those last thoughts, it’s time to say bon voyage. Our planned 50 day cruise has expired, and we must now sail into the distance…

Extremely magnanimous of these fellows, is it not? These fine gentlemen showed us that a small bunch of people could bring the world down to its knees, all through open exploits and SQL vulnerabilities that anyone can search for from the comforts of their establishments.


I would have tapped my hat respectfully at LulzSec if I did not know more about the entire debacle of the past fifty days.

Actually, no, I would not have tapped my hat respectfully at LulzSec at all. If I did, my name would be OddJob and I would be throwing my hat at them. Why? Because LulzSec was never a hacker group; it was a group that used to search for known exploits online, and then use them to take down, deface and otherwise maim a server or a company. In the event that there was no known exploit, they would rely on Distributed Denial of Service (DDoS) attacks using the Low Orbit Ion Cannon (LOIC) to take down a website. All of this in the name of lulz and, later, the antisec/wikileaks movement.