Was Anonymous’ Hacker-Informant Sabu A Tool Of FBI Entrapment?

Forbes on March 7, 2012 released the following:

“Andy Greenberg, Forbes Staff

In a typical criminal conspiracy takedown, lower-level minions are flipped to inform on a crime syndicate’s boss. But in the investigation of LulzSec, the hacker splinter group that broke off from Anonymous last summer, the FBI seems to have found a snitch in none other than the conspiracy’s ringleader and organizer, the 28-year-old hacker known as Sabu.

Which raises a strange question: As the FBI worked to take down the radical hacktivist group over the last months, was it also egging it on?

Yesterday it was revealed that Hector Xavier Monsegur, the alleged hacker known as Sabu, had been acting as a government informant since as early as last June, helping to provide the FBI with information that led to three more arrests of alleged LulzSec-related hackers yesterday, along with new charges against two of the other related defendants. The help of the Spanish-speaking Monsegur may have even aided the arrest of 25 other alleged members of Anonymous in Spain and South America late last month.

But criminal defense lawyers for those accused hackers are no doubt poring over his communications with their clients, and looking for evidence of entrapment: the defense that the U.S. government, with an influential member of Anonymous as their pawn, pushed hackers into the same illegal acts for which they’re now prosecuting them.

Months after Monsegur began cooperating with law enforcement, his Twitter feed (with 45,000 followers) continued to rally his hacktivist “brothers” to attack governments and private corporate targets. A message he wrote in late December asked for fellow hackers to give him stolen documents so that they could be published under the banner of “Antisec,” the sub-movement against the security industry in which he was a vocal organizer. “Leakers, security researchers or hackers who have vulnerabilities or leaked docs contact us,” Monsegur wrote.

After the assassination of Iranian nuclear scientists in January, he called for hacking attacks on Israel. “Since #israel started the week by blowing up Iranian nuclear scientists – how about we focus on disrupting their infrastructure?” he wrote to his followers.

As recently as last month, Monsegur was inciting attacks on Interpol in retaliation for arrests of his fellow anons. “Hackers of the world: Interpol has declared war on hackers,” he wrote. “Time to strike back. Infiltrate.” The denial of service attack on Interpol’s website that followed took the site down for around half an hour.“

And perhaps most significantly, Monsegur seems to have taken an active part in the attack on the private intelligence think tank Stratfor, whose millions of stolen emails are now being released by WikiLeaks. In fact, the indictment of 27-year old Chicagoan Jeremy Hammond, unsealed Tuesday, states that an informant under the name Cooperative Witness One or “CW-1″ in New York convinced Hammond to move stolen Stratfor data to a server that the informant provided. Given that there are no other indicted members of LulzSec in New York, CW-1 is no doubt Monsegur.

In other conversations between Monsegur and Hammond included in the indictment–and there’s no telling what Monsegur may have said that wasn’t quote by prosecutors–Monsegur explicitly encourages illegal hacking and disclosure of stolen info.

“Wanna release that list of 92% cracked Stratfor hashes?” he asks Hammond at one point. Hammond replies to Monsegur that it’s “Your call.”

“If I get raided anarchaos your job is to cause havok in my honor,” Monsegur tells Hammond later, using one of the hacker’s pseudonyms.

“It shall be so,” Hammond responds.

Whether this kind of encouragement and support for illegal hacking rises to the level of entrapment, however, is far from clear, says Electronic Frontier Foundation attorney Hanni Fakhoury. The legal definition of entrapment hinges on two separate issues: Inducement and predisposition. To meet the “inducement” requirement, the government must be actively “authorizing, directing or supervising” the defendant’s criminal behavior. And to pass the second criteria, the defendant has to be shown to have not had a predisposition to commit that crime without the government’s encouragement.

Fakhoury cautions that the case for any defendant associated with Monsegur would depend on the specific facts of that person’s behavior and communications with Monsegur. But he believes the first element of entrapment may strongly apply in some of the indicted hackers’ cases, while the predisposition case will be more difficult to argue. “I think inducement is pretty clear here,” says Fakhoury. “The government knew what [Monsegur] was doing. Much harder will be proving pre-disposition: that the defendants weren’t already predisposed to engage in that [illegal] behavior.”

Given that members of Anonymous often openly discuss their motivations and gain status in the group by acting on their own initiative, prosecutors may have an easy time showing that any defendants in Monsegur’s circle were already predisposed to hacking. “They’re pretty vocal about their tactics and their policies and what they want to do,” says Fakhoury. “A traditional entrapment case is someone who’s pressured into something. These individuals aren’t usually pressured, and they often make statements like ‘This is why I’m involved in Anonymous and this is what I’m doing.’”

In other areas, particularly domestic terrorism, the FBI has been known to weave complex scenarios around suspects to actively tempt them into committing crimes. In the case of the “Newburgh Five,” a group of New York men charged with plotting to bomb synagogues in the Bronx and shoot down military airplanes, the FBI informant in many respects functioned as the primary organizer of the plot, offering to supply the group with its explosives, a BMW, a $250,000 payment. As for the “terrorists” themselves, they were hardly capable of carrying out the attack on their own: None even had a driver’s license.

In another case, two activists at the Republican National Convention were arrested and convicted on terrorism charges for making Molotov cocktails. As laid out in the recent documentary “Better This World,” the pair had been mentored in radical activism for over a year by a well-known activist-turned-FBI-informant who encouraged them to abandon more pacificist measures.

Despite cases like these, none of the 10 terrorism prosecutions involving informants over the last decade has successfully used an entrapment defense. “In short, if a suspicion of entrapment seems a viable starting-point for a defense, forget it,” attorney Karen Greenberg wrote in an editorial in the Guardian. “Find another strategy with which to defend your client.”

In the case of Monsegur, the EFF’s Fakhoury says the case does indeed smell “fishy.” ”Is the government manufacturing crime in order to prevent it?” he asks. “Something about it definitely doesn’t seem right.”

And whether or not an entrapment defense will win out for any of Monsegur’s fellow hackers, Fakhoury expects the issue to appear in their upcoming trials. “I don’t think this will necessarily be that successful a defense,” he says. “But it’s one that should absolutely be raised by any good defense attorney.””


Douglas McNabb – McNabb Associates, P.C.’s
Federal Criminal Defense Attorneys Videos:

Federal Crimes – Be Careful

Federal Crimes – Be Proactive

Federal Crimes – Federal Indictment

Federal Crimes – Detention Hearing


To find additional federal criminal news, please read Federal Crimes Watch Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition and OFAC SDN Sanctions Removal.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.

Comments are closed.

%d bloggers like this: