LulzSec member 'Sabu' turns on cohorts in FBI sting

LulzSec receives a body blow with the arrest of six individuals, most notably one core member, Hector Monsegur, who is said to have been turned by the FBI into assisting their investigation.

An investigation into the criminal activity of LulzSec has resulted in the arrests of six individuals both in the U.S. and abroad, dealing a serious blow to the group loosely affiliated with Anonymous as well as AntiSec. The investigation involved a number of law enforcement agencies, most notably the Federal Bureau of Investigation, whose agents managed to flip the so-called "mastermind" of LulzSec, Hector Xavier Monsegur — known by his alias Sabu within the LulzSec circles.

The Fox News report describes the turning of Monsegur as a mafia-type figure who elected to help the Feds when he was threatened with a prison sentence that would separate him from his young children.

On Aug. 15, 2011, Monsegur pleaded guilty to more than ten charges relating to his hacking activity. In the following few weeks, he worked almost daily out of FBI offices, helping the feds identify and ultimately take down the other high-level members of LulzSec and Anonymous, sources said. In time, his handlers allowed him to work from the home from which he previously wrought destruction, using a PC laptop provided by the FBI.

According to the same Fox report, Monsegur helped the FBI in a variety of ways — tweeting misinformation as instructed by handlers, verifying the truth of various threats, and even interceding in operations launched by LulzSec or Anonymous members against various targets. In fact, a lot of the report reads like a made-for-tv movie script:

When the CIA found itself under siege from LulzSec hackers, Sabu stepped in. With his underlings launching so-called DDoS attacks — denial of service cyberattacks that basically flood a website with traffic to overwhelm it — the CIA's public website was threatened.

"We told Sabu to tell them to stop," an official said. "‘It's embarrassing for the CIA,' we told Sabu, ‘Make them stop, now.'"

Sabu sent out the order: "You're knocking over a bee's nest," he warned his associates. "Stop."

They did.

If you'd like to read the case against Monsegur, here is the U.S. v. Hector Xavier Monsegur document.

Others arrested are:

  • Ryan Ackroyd, also known as lolspoon or lol
  • Jake Davis, or topiary
  • Darren Martyn, or pwnsauce
  • Donncha O'Cearrbhail, or palladium.
  • Jeremy Hammond, or Anarchaos (AntiSec)

Hammond, by the way, is charged with hacking into Strategic Forecasting, the exploit that Patrick Lambert covered in his article on Monday, "WikiLeaks publishes millions of Stratfor emails accessed by Anonymous."

What do you think will happen next? Will Anonymous or its splinter groups launch further retaliatory attacks in response to the arrests or is this operation likely to put a chill on the "hacktivist" community?


Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and...

Editor's Picks