How celebrity hacker helped feds thwart 300 cyber-attacks

NEW YORK (CNNMoney) — The celebrity hacker “Sabu” helped the FBI imprison his friends and stop more than 300 cyber-attacks in the three years since he betrayed several major hacking groups.

That’s according to new U.S. government documents that for the first time provide extensive detail about what they call the “extremely valuable and productive” undercover cooperation of Hector Monsegur.

Monsegur used the Sabu moniker online, where he was a member of the hacking collectives Anonymous and LulzSec.

He pleaded guilty to charges including identity theft and credit card fraud and is set to be sentenced on Tuesday.

He would face up to 26 years in prison for the $2.5 million in losses connected to his hacks, but the government is seeking leniency — perhaps no additional prison time beyond seven months he already served.

Prosecutors said his work on behalf of the FBI helped thwart attacks on websites belonging to the U.S. military, NASA and media companies, among others. The FBI relocated him and his family because he received threats for his cooperation, the court documents say.

Monsegur was part of a group of hackers that became notorious in 2011 for breaking into or disabling U.S. government and corporate websites. The Anonymous-affiliated groups LulzSec and Internet Feds targeted sites including PBS, Fox Television, Nintendo and Sony Pictures. Their public boasts on Twitter and elsewhere on the Internet drew them instant celebrity as so-called hacktivists, because they often claimed to make a political point in their activities.

The documents show that in June 2011, FBI agents visited Monsegur’s apartment in a public housing project in Manhattan’s lower east side. They confronted him about his activities and he immediately agreed to become an informant.

He agreed to a guilty plea, returned to his apartment and was back online in hours — this time, working for the FBI.

His assistance helped the FBI investigate and net LulzSec and Internet Feds members, including the FBI’s most-wanted cybercriminal, Jeremy Hammond, who is serving a 10-year prison sentence, prosecutors said in court documents.

“Working sometimes literally around the clock, at the direction of law enforcement, Monsegur engaged his co-conspirators in online chats that were critical to confirming their identities and whereabouts,” prosecutors said. “During some of the online chats, at the direction of law enforcement, Monsegur convinced LulzSec members to provide him digital evidence of the hacking activities they claimed to have previously engaged in, such as logs regarding particular criminal hacks.”

His quick cooperation was key, according to the documents, because LulzSec had established a protocol to destroy computer evidence if any of their members went missing or was arrested.

“Monsegur admitted to engaging in hacking activities about which the government had not previously developed evidence,” prosecutors said. He hacked thousands of computers, at first in a bid to build a legitimate computer security company and then to steal and pay his bills, prosecutors said.

Monsegur’s cooperation with the FBI became public when he was arrested in 2012 for making unauthorized online postings, violating his cooperation agreement.

Upon the news, Anonymous members hacked a computer-security website and posted an open letter to Sabu. It read: “Sabu snitched on us. As usually happens FBI menaced him to take his sons away. We understand, but we were your family too (remember what you liked to say?) It’s sad and we can’t imagine how it feels having to look at the mirror each morning and see there the guy who shopped their friends to [the] police.”

™ & © 2014 Cable News Network, Inc., a Time Warner Company. All rights reserved.

hacker-passwords

(Photo: CNN)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s