Second accused LulzSec hacker arrested in Sony Pictures breach

August 29, 2012

Chicago Tribune on August 28, 2012 released the following:

“Steve Gorman
Reuters

LOS ANGELES (Reuters) – A second suspected member of the clandestine hacking group LulzSec was arrested on Tuesday on charges he took part in an extensive computer breach of Sony Pictures Entertainment, the FBI said.

Raynaldo Rivera, 20, of Tempe, Arizona, surrendered to U.S. authorities in Phoenix six days after a federal grand jury in Los Angeles returned an indictment charging him with conspiracy and unauthorized impairment of a protected computer.

If convicted, Rivera faces up to 15 years in prison.

The indictment, unsealed on Tuesday, accuses Rivera and co-conspirators of stealing information from Sony Corp’s Sony Pictures’ computer systems in May and June 2011 using an “SQL injection” attack against the studio’s website, a technique commonly employed by hackers.

The indictment said Rivera then helped to post the confidential information onto LulzSec’s website and announced the intrusion via the hacking group’s Twitter account.

While Rivera was the only person named in the indictment, the FBI said his co-conspirators included Cody Kretsinger, 24, a confessed LulzSec member who pleaded guilty in April to federal charges stemming from his role in the Sony attack.

Following the breach, LulzSec published the names, birth dates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony, and publicly boasted of its exploits.

“From a single injection we accessed EVERYTHING,” the hackers said in a statement at the time. “Why do you put such faith in a company that allows itself to become open to these simple attacks?”

Authorities have said the Sony breach ultimately cost the company more than $600,000.

LulzSec, an underground group also known as Lulz Security, is an offshoot of the international hacking collective Anonymous and has taken credit for such cyber incursions on a number of government and private sector websites.

The latest indictment says Rivera, who went by the online nicknames of “neuron,” “royal” and “wildicv,” is suspected of using a proxy server in a bid to conceal his Internet Protocol, or IP, address, and avoid detection.

Court documents revealed in March that an Anonymous leader known as Sabu, whose real name is Hector Monsegur, had pleaded guilty to hacking-related charges and provided information on his cohorts to the FBI.

That same month, five other suspected leaders of Anonymous, all of them alleged to be LulzSec members as well, were charged by federal authorities with computer hacking and other offenses.

An accused British hacker, Ryan Cleary, 20, was indicted by a federal grand jury in June on charges related to LulzSec attacks on several media companies, including Sony Pictures.

Kretsinger, who pleaded guilty to the same two charges now facing Rivera, is slated to be sentenced on October 25. A federal prosecutor said he would likely receive substantially less than the 15-year maximum prison term carried by those offenses.

Anonymous and its offshoots focused initially on fighting attempts at Internet regulation and the blocking of free illegal downloads but have since taken aim at the Church of Scientology, global banking and other targets.

Anonymous, and LulzSec in particular, became notorious in late 2010 when they launched what they called the “first cyber war” in retaliation for attempts to shut down Wikileaks.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
Federal Criminal Defense Attorneys Videos:

Federal Crimes – Be Careful

Federal Crimes – Be Proactive

Federal Crimes – Federal Indictment

Federal Crimes – Detention Hearing

————————————————————–

To find additional federal criminal news, please read Federal Criminal Defense Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition Defense, OFAC SDN Sanctions Removal, International Criminal Court Defense, and US Seizure of Non-Resident, Foreign-Owned Assets. Because we have experience dealing with INTERPOL, our firm understands the inter-relationship that INTERPOL’s “Red Notice” brings to this equation.

The author of this blog is Douglas C. McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.


Briton Accused of Hacking Fox, PBS Websites

June 14, 2012

ABC News on June 14, 2012 released the following:

“By SHAYA TAYEFE MOHAJER Associated Press

A 20-year-old Briton suspected of links to the hacking group Lulz Security is accused of cracking into websites for a Fox reality TV show, a venerable news show and other sites to deface them or steal personal information, federal prosecutors said Wednesday.

A federal grand jury indicted Ryan Cleary on conspiracy and hacking charges for allegedly hacking sites for the talent competition “The X-Factor,” the site for “PBS NewsHour,” Sony Pictures and others.

The indictment filed Tuesday alleges Cleary and his co-conspirators would identify security vulnerabilities in companies’ computer systems and use them to gain unauthorized access and, often, cause mayhem.

In a separate and similar case filed against Cleary in the United Kingdom in 2011, he faces allegations that he and others hacked a law enforcement agency, the Serious Organized Crime Agency, and various British music sites — all while he was still a teenager.

Cleary was taken into custody in March and remains in custody in the United Kingdom, said Laura Eimiller, FBI spokeswoman.

In one instance, the U.S. indictment alleges, Cleary conspired to steal the confidential information of people who registered to get information on auditions for the Fox talent competition “The X-Factor.”

That hack was the first to be claimed by LulzSec, an offshoot of the larger hacking group Anonymous, in tweets about its international hacking spree that began in May 2011.

Later that month, LulzSec claimed to have hacked the website of the Public Broadcasting Service, where a phony news story was posted claiming the dead rapper Tupac Shakur was alive and living in New Zealand.

The post caused a stir on the site for “PBS NewsHour,” an award-winning broadcast news show, and came after the network aired a documentary on WikiLeaks founder Julian Assange that was deemed critical. PBS’ ombudsman at the time defended the program’s treatment of Assange as “tough but proper.”

The indictment also alleges LulzSec and Cleary hacked into the computer systems of Sony Pictures Entertainment Inc. in June 2011 to steal confidential information of users who had registered on the company’s website.

Cleary faces a maximum of 25 years if convicted on all charges.

Calls and emails to Fox, Sony and “The NewsHour” seeking comment and confirmation were not immediately returned Wednesday.

An after-hours call to Cleary’s legal representative in London was not returned. It was not immediately clear who would represent him in the United States.

LulzSec also has claimed responsibility for hacking incidents not listed in Cleary’s indictment, including hacking the CIA’s public-facing website and the Atlanta chapter of an FBI partner organization called InfraGard.”



FBI’s ‘Sabu’ Hacker Was a Model Informant

March 9, 2012

The Wall Street Journal on March 8, 2012 released the following:

“By CHAD BRAY

As soon as he was caught, an influential computer hacker agreed to become a government informant and “literally worked around the clock” to help federal agents nab an elusive collective of alleged cyber criminals who have launched online attacks against companies, governments and individuals.

The new details, revealed in court documents made public on Thursday, show how quickly investigators were able to turn 28-year-old Hector Xavier Monsegur against his fellow alleged hackers.

Known as “Sabu” in hacking circles, he was placed under supervision by Federal Bureau of Investigation agents shortly after he was arrested at 10:15 p.m. on June 7 last year. His file was sealed by a judge.

“Since literally the day he was arrested, the defendant has been cooperating with the government proactively,” sometimes staying up all night engaging in conversations with co-conspirators to help the government build cases against them, Assistant U.S. Attorney James Pastore said at a secret bail hearing on Aug. 5, 2011, according to a transcript released on Thursday.

The investigation led to the unveiling of criminal charges on Tuesday against a group of men allegedly behind Lulz Security, or LulzSec. The group, formed last May, claimed responsibility for a series of brazen online attacks including hacking computer servers of television network PBS in retaliation for a “Frontline” episode about WikiLeaks, and stealing personal information from about 100,000 customers of hacked Sony Pictures.

In addition to the Sony and PBS attacks, LulzSec has claimed responsibility for attacks on the U.S. Senate and InfraGard, an affiliate of the Atlanta chapter of the FBI. Those attacks were all cited in Tuesday’s charging documents.

Mr. Monsegur, a few days after his bail hearing in August, pleaded guilty to 12 criminal charges, including three counts of conspiracy to engage in computer hacking, computer hacking in furtherance of fraud, conspiracy to commit access device fraud, conspiracy to commit bank fraud and aggravated identity theft. He faces up to 124 years in prison. A lawyer for Mr. Monsegur declined to comment Thursday.

On Aug. 10, 2011, a federal prosecutor in Los Angeles who was working on the case asked that details for charges against Mr. Monsegur in Los Angeles remain secret. In a document, Assistant U.S. Attorney Stephanie S. Christensen said other hackers were aware of Mr. Monsegur’s true identity, even though he often used a nickname or online personality while communicating with them. She said if news of his arrest were made public, he might be identified as a cooperator. She noted that the hackers monitored public court dockets.

“The FBI has informed me that the hackers are known to take steps against those who cooperate with the government,” Ms. Christensen said. She pointed to a practice known as “Doxing” where hackers post personal details about a person for public consumption online. “The publicly available information may then be used to harass the cooperator and the cooperator’s family in a variety of ways,” she said. “This obviously creates danger for the cooperator, the cooperator’s family, and law enforcement.”

Prosecutors, who said Mr. Monsegur was kept under close surveillance during the investigation—with software installed on his computer to track his online activity and video surveillance set up in his home—also said that Mr. Monsegur agreed to cooperate at “a significant amount of personal risk” to himself. Mr. Monsegur, who was unemployed at the time, is a foster parent to two nieces.

Some hackers retaliate against cooperators by ordering hundreds of pizzas to their house or calling in hostage situations and having a SWAT team show up, Mr. Pastore said.

During the investigation, Mr. Monsegur, who lived in and worked from a public-housing project in New York City, received information on a day-to-day basis of “upwards of two dozen vulnerabilities” in computer systems from a network of cybercriminals, Mr. Pastore said in court documents released Thursday. The FBI was able to identify more than 150 security vulnerabilities at the time, allowing companies to prevent a hack before it occurred or mitigate harm from prior hacking activity, he said.

Ultimately, federal agents were able to thwart more than 300 attacks that other hackers were planning as a result of information provided by Mr. Monsegur, according to a person familiar with the matter.

LulzSec is one of several shadowy hacker groups that have sprung to global prominence over the past year and are loosely organized, often with no central leadership. Mr. Monsegur is described in charging documents as an “influential” member of three such hacking organizations—LulzSec and two others known as Anonymous and Internet Feds. Charges against a total of six men were announced on Tuesday, after which Mr. Monsegur’s identity was revealed.”


To find additional federal criminal news, please read Federal Crimes Watch Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition and OFAC SDN Sanctions Removal.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.


Alleged Sony Entertainment Computer Hacker From LulzSec Arrested by FBI

September 23, 2011

Bloomberg on September 22, 2011 released the following:

“A Phoenix man alleged to be a member of the LulzSec hacking group was arrested by the FBI on charges he broke into Sony Pictures Entertainment Inc.’s computer systems in May and June.

Cody Kretsinger was arrested yesterday, the Federal Bureau of Investigation said in an e-mailed statement. Kretsinger, 23, belonged to Lulz Security, or LulzSec, a group of “elite computer hackers” that undertook cyber attacks on the computer systems of businesses and government entities in the U.S. and around the world, according to an indictment unsealed yesterday in federal court in Los Angeles.

Kretsinger, who used the alias “Recursion,” and other unidentified hackers probed the Sony Inc. unit’s computer systems for vulnerabilities and obtained confidential information that was posted on a LulzSec website and on the group’s Twitter account, according to the indictment.

LulzSec is affiliated with an international hackers group called “Anonymous,” the FBI said in the statement.

Kretsinger faces as long as 15 years in prison if convicted of conspiracy and unauthorized impairment of a protected computer, the FBI said.

The name of Kretsinger’s lawyer wasn’t immediately available.

LulzSec Posted Statements

LulzSec in June posted statements online saying it had broken into SonyPictures.com and downloaded unencrypted personal information, including passwords, e-mail addresses and dates of birth from 1 million user accounts.

The attack followed earlier ones this year in which Tokyo-based Sony had said more than 100 million accounts were compromised after hackers broke into its networks. Sony suspended operation of the PlayStation Network in the U.S. and Europe for six weeks after the earlier attacks.

Sony said in May there was some evidence linking Anonymous to the PlayStation hack. There have been no arrests in that case.

LulzSec, following the attack on Sony Pictures’ systems, posted customer information online from what appeared to be sweepstakes and loyalty-program databases, including one tied to the long-running soap opera “The Young and the Restless.” The group also took information from Sony music operations in Belgium and the Netherlands, it said.

The group, which has also claimed credit for hacking into websites of the U.S. Senate and Central Intelligence Agency, said later in June that it was ending its cyber attacks. The CIA’s public website was taken down on June 15.

Hacker activist groups gained attention after Anonymous, made up of hundreds of members in several countries, in December targeted EBay Inc. (EBAY)’s PayPal unit, Visa Inc. and other companies deemed hostile to WikiLeaks, an organization that posts secret documents on the Web.

U.S. prosecutors in July arrested and charged 14 people with involvement in the PayPal attacks.

The case is U.S. v. Kretsinger, 11-848, U.S. District Court, Central District of California (Los Angeles).”
