LulzSec taken down


Re: LulzSec taken down

Postby Wombaticus Rex » Wed Mar 07, 2012 4:20 pm

Interested to see how Anon deals with this. They definitely need to have a big ol' conversation about Op Sec post-FISA. There's probably at least several more Sabu-type cases in the ranks right now. Beautiful math problem, though, and one that reflects on RI's recent "CIA?" seizures.

Re: LulzSec taken down

Postby Twyla LaSarc » Thu Mar 08, 2012 1:16 am

I've seen anonymous react very warily regarding Lulzsec and Antisec's actions. Partially because there are too many high profile people involved functioning as 'leaders', with some of their actions seeming to be needlessly reckless to the group, I think a few worst fears are being confirmed right now. Heck most of these anons aren't fond of Barrett Brown either, mostly because of visibility and willingness to take a spokesperson role.
“The Radium Water Worked Fine until His Jaw Came Off”

Re: LulzSec taken down

Postby Wombaticus Rex » Fri Mar 09, 2012 6:20 pm

Via How Sabu Was Outed Long Before His Arrest

When the FBI arrested LulzSec leader Hector "Sabu" Monsegur, they did so in a hurry—hours before the arrest, Sabu was doxed, his identity posted to the Internet. With his name public, federal agents feared that he would start destroying evidence to protect himself, so they ended their covert surveillance and moved in, according to Fox News.

Efforts to name and shame the LulzSec crew during its 50-day rampage were common. Many of these doxings were inaccurate, a result of faulty inferences or deliberate attempts to mislead on the part of the LulzSec hackers.

But not all were wrong. In fact, the game of doxing Sabu was over before it had even started. He was correctly doxed more than two months before his arrest—in fact, more than a month before LulzSec had even started publicly operating.

This first doxing happened after a group of former Anonymous members, displeased at the moralizing direction that Anonymous had taken and at Sabu's leadership role, decided to take action. Speaking to Gawker almost one year ago, the dissident group calling itself Backtrace Security announced that it was going to post chat transcripts and information about the identities of Anonymous members.

Several days later, it followed through on its promise, releasing IRC logs called "consequences.pdf" (MD5 checksum: a4084efa1713447d295919b4670769da) and a file called "namshub.pdf" (MD5 checksum: 042a645a1bf4cdfb433887424455234e) that showed a spreadsheet of online names, real names, locations, and other evidence about Anonymous members. (The files have now been pulled, allegedly at the "request of the Federal Bureau of Investigation.")

While at least some of the information in namshub.pdf is incorrect—subsequent arrests have established the real identities of Topiary and Kayla, and they don't match Backtrace's claims—one name stands out. Sabu is identified as "Hector Xavier Montsegur." This is slightly misspelled, but it's the right name nonetheless. The document also claimed, correctly, that Sabu lives on New York City's Lower East Side.

The PDFs garnered some attention at the time—they even resulted in Backtrace Security being doxed—but apparently not enough attention to force the FBI's hand.

Backtrace then decided to out Sabu again. Early in the evening of June 7, the day of Sabu's arrest, the Twitter account belonging to Backtrace Security wrote: "Hector Xavier Montsegur -aka Xavier de Leon - aka (Sabu)." The same misspelling, but the same correct name.

Doxings continued even after Sabu's arrest and eventual co-operation with the FBI. These subsequent attempts retained the hit and miss pattern of Backtrace's "namshub" document. Sabu was variously claimed to be Hector Monsegur, Hector Montsegur, and, "Hugo Carvalho."

The bad information in the doxings had many convinced, however. After Jake "Topiary" Davis was arrested in the UK, some outlets even claimed that the police had got it wrong and that the person arrested couldn't be Topiary, because the dox (from Backtrace and others) fingered him as a Swede.

As for how Sabu was identified? Fox reports that the FBI depended on a mistake by Sabu: he accidentally joined an Anonymous IRC server from his own IP address rather than connecting via anonymizing service Tor. Backtrace might have similarly depended on this mistake.

But some of the doxers went a different route. Sabu occasionally mentioned ownership of a domain called prvt.org in his chats, including those in Backtrace's "consequences" document. Every domain registration is associated with corresponding information in the WHOIS database. This information is supposed to include the name and address of the domain's owner.

Often this information is incorrect (most domain registrars do nothing to validate it) or anonymized (many firms offer "proxy" domain registration, so the WHOIS database contains the details of the proxy registrar, rather than the person using the domain). Monsegur appeared to use one of these anonymizing services, Go Daddy subsidiary Domains By Proxy, for registering the prvt.org domain.

The registration for the domain was due to expire on June 25, 2011, requiring Monsegur to renew it. But for some reason—error on Monsegur's part perhaps, or screw-up by the registrar—the renewal was processed not by Domains By Proxy but by its parent, Go Daddy. Unlike Domains By Proxy, Go Daddy uses real information when it updates the WHOIS database, so on 24th June (the day before it was due to expire), Monsegur's name, address, and telephone number were all publicly attached to his domain name.

Monsegur quickly remedied the mistake, changing the WHOIS registration to use various other identities—first to that of Adrian Lamo (who reported Bradley Manning to authorities) and then to "Rafael Lima" and subsequently to "Christian Biermann". This attempt to mislead those relying on the WHOIS information successfully misled some would-be doxers. But not all: by August there were extensive dossiers on Sabu's true identity.

Ultimately, the doxers and Backtrace Security did more than just name Sabu; they also fingered him as co-operating with the FBI. Whether by luck or judgement, Sabu detractors regularly accused him of working for law enforcement. Turns out they were right about that, too.




Via "Great Personal Danger" - Inside Hacker Sabu's Guilty Plea

The hacker known as "Sabu" inspired fear in corporations and loyalty from his LulzSec/Anonymous associates, but when he showed up in a Lower Manhattan federal courtroom on August 15, 2011, he was a humbled man.

Hector Monsegur was there to plead guilty to 12 counts of hacking, bank fraud, and identity theft. Only 27 years old, he was facing a possible sentence of 122 years in prison for the charges—and he was also wanted in California (in two separate judicial districts), Virginia, and Georgia. The case was critical for the government; the US Attorney for the Southern District of New York, Preet Bharara, personally attended the hearing.

Monsegur had been arrested by FBI agents back in June after they had linked Monsegur to the "Sabu" name; agents found him operating out of a modest sixth-floor apartment in public housing. Neighbors had long complained about the noise and revelry from his apartment, which often went on all night long.

By August, Monsegur had agreed in principle to a plea deal with the government. He now feared for his own safety. The government, first his foe, became his protector; after all, his enemies had already correctly identified him in various Internet postings. The guilty plea hearing therefore took place in a sealed courtroom "in light of the danger to defendant," said Judge Loretta Preska in a transcript of the hearing obtained by Ars Technica.

Monsegur was polite, saying little but "Yes" and "Yes, your honor" as the judge ensured that he was making a plea voluntarily, and that it was in his best interests to do so. The deal on offer was "a little unusual," as Assistant US Attorney James Pastore told the court. It was a "global" plea deal that applied not just to the charges brought by Bharara and his staff, but by any charges that might be filed by the other 93 US Attorneys in the country.

Monsegur would agree to help the government make its case against his former associates and he would plead guilty to a string of offenses. The government would ask for leniency, but Monsegur was guaranteed a minimum two year prison sentence, and he agreed to pay restitution. The plea deal did not cover any criminal tax violations; if Monsegur had screwed the IRS, he was on his own.
Confession

The agreement was acceptable to the court, but the judge had one further question. "And do I understand that you are offering to plead guilty because you are in fact guilty?" Monsegur answered a short "yes." And with that, it was time to confess on the record.

"Tell me what you did, sir," said Judge Preska, and Monsegur began.

All of the illegal conduct I am about to admit took place between 2010 and 2011. All of the conduct also involved the use of a computer located in Manhattan. I was not authorized to gain access to any of the computer systems involved in my offense conduct. For the conduct referred to in Counts One to Eight it was my intent to cause damage to these systems. As a result of this conduct, damages of $5,000 occurred in each instance...

I agreed with others to participate in a scheme, and I personally participated in a DoS attack on computer systems, PayPal, MasterCard, and Visa. I also participated in those attacks against computer systems of Tunisia and Algeria. In addition, I attempted to obtain information from the EAGLE server of Zimbabwe. I knew my conduct was illegal...

I agreed with others to participate in the scheme and personally participated in obtaining access to a PBS Web site and defaced it...I also participated to gaining access to computer systems used by Sony Pictures and stole confidential information... I also participated in a cyber attack on the systems of Infraguard-Atlanta... I agreed with others and personally participated in cyber attacks on the systems of HBGary and Fox resulting in a loss of more than $5,000, and I knew my conduct was illegal.


And so it went, down the list of known and suspected hacks. One surprise emerged.

"I gained unauthorized access to the computer systems of an auto supply company with the intent to defraud the company," Monsegur admitted, "and fraudulently caused about $3,456 worth of automobile motors to be shipped to myself. I knew the conduct was illegal."

He also admitted to using stolen credit card numbers to "pay my own bills" and to obtaining "names, Social Security numbers, and addresses of [bank] accounts and account holders."

Some of this involved hacking; some did not. After a moment of confusion, the judge asked Monsegur to clarify how he had obtained bank account information and Social Security numbers.

"I downloaded the PDFs of TurboTax returns that were publicly accessible over Google, and that's it," he responded. "And due to the downloading of the PDFs, I had access to the bank account information, Social Security numbers, names, and all of that."

With that, the hearing came to a close, but it would leave no record in the court's official docket. Not only were all documents around the case sealed, but the case itself was subject to "delayed docketing." As the judge noted in her final remarks, "the facts here are sufficiently unique that it is possible that the defendant could be identified and, thus, be in great personal danger."

As Monsegur left the courthouse and stepped out into Pearl Street's August heat, he had a new secret—one that he would have to keep for the next seven months until his betrayal splashed onto the front pages of newspapers around the world.

Re: LulzSec taken down

Postby RobinDaHood » Sat Mar 10, 2012 10:41 pm

Good find on that second article...begins to answer some of the lingering questions. Dude broke the simplest of security protocols, publicly identified himself, and apparently spent most of his time doing immature bullshit-thievery. And then, instead of shutting-the-fuck-up, he pusses out and rolls up everyone else.
Congrats to the diligent Anons who smelled this piece of shit early. I'm sorry for the fools that didn't. Sabu gets to go do two wearing a snitch jacket and the techno-fascists win again.

Re: LulzSec taken down

Postby MinM » Mon Mar 12, 2012 11:54 pm

Cyber False Flag to Push for More Restrictive Laws?
LulzSec’s FBI Informant Leader Hinted at CIA Connection


by Kurt Nimmo
...

Cover story: Sabu was flipped by the FBI.

Sabu did not admit that he worked for the CIA. But it is interesting an FBI operative would tell a journalist that it makes sense for government to roll out a cyber false flag in order to push for more restrictive laws designed to control the internet.

It’s a classic example of Diocletian’s problem-reaction-solution.

Government creates a problem through a false flag event – taking down servers, stealing emails and passcodes, and taunting the authorities – and after eliciting public fear (for example, hackers may shut down the power grid) they devise a solution that basically kills the internet goose that laid the golden egg.

http://www.globalresearch.ca/index.php? ... &aid=29677
Earth-704509

Re: LulzSec taken down

Postby Wombaticus Rex » Fri Mar 16, 2012 10:15 am

....this has gotta be the weirdest twist yet. Anonymous working with Bill Ayers and the Nation of Islam? Millions of people will believe that by Monday.

Via: some craptastic neoconservative blog

When hacktivist Jeremy Hammond was arrested last week in Chicago as a part of a wide government investigation in the online group Anonymous, his mother, Rose Collins, called him a genius without any wisdom.

“Again?” she asked when informed by the Chicago Tribune that her son had been arrested for hacking. “I love my son, but he is a genius with no brain. He has a 168 IQ, but he has no wisdom.”

In an attempt to educate the world at-large about the dangers of Anonymous, Rose Collins reached out to Townhall Finance and spoke about Jeremy and Anonymous. She ended by asking a few questions of her own in an open letter to Anonymous.

Collins, who lives in Texas, says that she has not been in contact with her son since his arrest, but has looked for him with the Bureau of Prisons online. Jeremy’s father, Jack, aged 55, is in jail in lieu of bond, says the Chicago Tribune. He is “charged with three counts of aggravated criminal sexual abuse,” writes the Trib, “one count of grooming and one count of indecent solicitation of a child, according to DuPage County State's Attorney spokesman Paul Darrah. He faces up to seven years in prison for the most serious charge.”

Rose told me that while her son detests Glenn Beck (“He called him a liar”), Jeremy confirmed to her that information that he gathered by hacking buttressed Beck’s claim that some groups, including Anonymous, are working toward trying to “bring down capitalism” in the United States. And while Collins says that her son never told her that any members of the federal government were involved “Jeremy also went to UIC and he bragged that he met with Bill Ayers.” Ayers is the controversial retired professor from University of Illinois at Chicago (UIC) who used to be part of the Weather Underground, a 1970s far-left radical group responsible for bombings and other criminal acts in the United States. Ayers and Barack Obama were friends in Chicago, served on the same boards and Ayers even contributed money to Obama’s first campaign.

Collins also said that Jeremy claimed that he was working with Louis Farrakhan and the Nation of Islam, a black supremacist group in Chicago, as a part of his work with Anonymous, to promote an Islamic takeover of the United States.



A Letter to Anonymous

By Rose Collins*

Hi. Lulz to you. I’m Jeremy’s mom and I have a few questions. Answer them or not, but at least think about it.

1. If you are legion, do you have attorneys among you? If so, please send one to help Jeremy. I certainly don’t blame you for his behavior. He is (theoretically) an adult and knows what he is doing.

2. If you do not forget or forgive, are you in agreement with Jeremy regarding imprisonment of those convicted of crimes? He is against it for several reasons, including rehab futility, slave labor, training people for new crimes, etc. If you do feel the way he does, what will you do if/when you meet up with Sabu? Does he deserve to go to jail? If you would rip him to shreds as I have considered doing myself with my long, sharpened, poisonous, badly manicured fingernails, doesn’t that smack of the same injustices you have railed about for instance, in San Antonio? How would you be able to wear a mask superior to that of the government you detest?

3. Speaking of Sabu and our government, have you considered the possibility that Sabu himself was a victim? I cannot figure out why the feds would out him if he indeed had turned against his comrades and worked with them. It certainly won’t make protecting him any easier for them. I have seen it blamed on FoxNews, but how could they have accessed that information without a little haction on their part? And don’t you consider them liars anyway? Here’s a theory: The feds found a way to become stowaways on the Luhlzboat and got the dirt on LuhlzSec without his knowledge. And when they did arrest him, since he wouldn’t cooperate, they put the word out complete with pictures, just to distract You. In this scenario, you won’t find him because he’s busy making his little kissy-face to the fishes that are eating him piece by piece. Further, if the data stolen from Stratfor was indeed held on a server controlled by the FBI, the data is definitely compromised and therefore useless to the cause of transparency you wish.

Look, I’m a nobody and my mask is smaller than yours, as is my power. Like you, I don’t trust the government as far as I can spit a rat. Some of your shenanigans I approve of, such as the Westboro Baptist church, who gives all Christians a bad name, and the KKK morons who make all white people look like racists. But who decides what is good and bad? The government? OWS? The tea party? Westboro Baptists? You? Who are you to decide that all government secrets must be exposed? Let the wrong information out and we may all have to learn Mandarin soon. Keep working with Farakkhan’s Nation of Islam to end capitalism, and when you win that battle come over to my house and shoot me in the head, because I will never wear a burka. Better yet, free Jeremy and send him. He can even use my Baretta. He got a few luhlz when I told him that, but these people have more faith in their beliefs than I do in mine. No offense intended to Muslims, but there are those who would force their religion on a flailing nation.

My final question/point is this: I watched a video on YouTube saying that those who caused our economy to shatter for their own enrichment must pay. I totally agree! The question is, who are they? I believe (could be wrong) that you and the OWS crowd think it was the Wall Street Fat Cats. I personally believe that while their hands are not clean, they did not cause the housing crisis which was the first domino to fall. Look into history and you will see that Barney Frank and Chris Dodd (probably others too), had much more to do with it. Back in the 70s, these cartoon characters, along with ACORN and other protest professionals forced banks to give loans to people who could not pay it back or be labeled racist organizations. FYI it is no longer a race issue. My brother, who is of the peachy persuasion, also lost his house during the first year or so of the fallout. Here’s the question. How come you buy into one part of the answer, but fail to investigate other possibilities? Could it be that Anonymous is also susceptible to propaganda? I’m sure I have been as well, but I do try to see other views to a question. Can you?

Please don’t come at me bro-nonymous. I’m just trying to understand. More importantly, help my son!


*Editor’s note: After receiving the letter from Mrs. Collins via email, she asked me to make several minor edits to the letter of not more than a dozen words, more or less. Otherwise, the letter is unedited.

Re: LulzSec taken down

Postby Wombaticus Rex » Fri Mar 16, 2012 1:02 pm

Mother Jones weighs in: http://motherjones.com/politics/2012/03 ... -informant

Hacking For The FBI: How An Informant Sold Out Anonymous

In July, federal agents quietly arrested Hector Xavier Monsegur at a New York City housing project. Less than 24 hours later, they'd converted the infamous hacker, known online as Sabu, into an informant. He reportedly had been caring for his imprisoned aunt's two young children and didn't want to abandon them for a jail cell.

Working from an FBI building, Sabu allowed agents to observe his online conversations with friends and confidants in the hacktivist group Anonymous. But that's not all. He also went on the attack, positioning himself as a ringleader of a new Anonymous faction, Antisec, that would target private security firms, police departments, and the FBI itself. The FBI appears to have used Antisec as a way to attract hackers and collect evidence against them. But did Sabu cross the line between informing on his friends and entrapping them? Writers such as Forbes' Andy Greenberg have floated the idea. (Similar questions have come up in the case of another activist-turned-FBI asset, Brandon Darby.)

On Wednesday, the Anonymous group CabinCr3w shed light on that question with an incredibly detailed dossier of Sabu's online activities while he was in the employ of the FBI. This timeline follows his secret transformation from hacktivist to informer and his eventual outing....


They did a worthy job of sifting through the timeline, I will not reproduce it all here.


Re: LulzSec taken down

Postby Wombaticus Rex » Mon Mar 19, 2012 1:56 am

DAMN. A little heavy on warfare theory, but this is hands down the most complete, best written examination of "Th3 J35t3r" I've found ==> http://www.sans.org/reading_room/whitep ... fare_33889 (PDF)

The author makes some interesting findings by looking at the meta-pattern of his attacks, but two assumptions really stick out: 1) Robin Jackson might easily be j35t3r -- his denial of that is not really sufficient grounds to rule him out. Remember, when Sabu got d0xed, he denied it, too. 2) The notion that J35t3r is truly working alone without support or compensation from US NatSec is absurd to me. Pentagon Red Teaming is an established and effective practice and intelligence history is an endless hall of cut-out mirrors.

Aside from the author's curious refusal to examine those two points, still a really excellent piece of work, though.

Re: LulzSec taken down

Postby MinM » Fri Aug 15, 2014 11:00 am

Hugh Manatee Wins » Wed Feb 23, 2011 6:29 pm wrote:Internet boards are thick with USG operatives. Many boards are honeypots meant to draw out and analyze subversion in order to plan counter-propaganda.

*Think*

How Anonymous got it right and wrong in Ferguson

Gabriella Coleman, a professor at McGill University, who is perhaps the foremost academic expert on the group (and will soon publish a book on her research), helped us parse just how Anonymous works, what went wrong in Ferguson and where the group goes from here...

Twitter postings from another self-identified member of Anonymous appear to confirm that there was an internal dispute about the veracity of the name before one self-identified member of the group released it on Twitter.

Coleman has a few theories: One is that popular attention to Ferguson has attracted new activists to the group -- not all of whom may know about the potential pitfalls of using IRC for sensitive communications.

Another, perhaps more concerning theory is that this may be a so-called "false flag" operation, she says. That's when government agents or others who oppose the group plant erroneous information or urge members to move forward without the full picture to hurt the group's credibility, she says.

While Coleman admits she has no evidence for this latter theory, she argues it's well within the realm of possibility. Government agents or moles have been known to infiltrate activist groups and allegedly encourage the worst of their behavior in the past, after all. (See: COINTELPRO)

According to Coleman, some on the IRC channel raised concerns that the push to release a name this morning may have been a false flag. And, she says, it's not the first time members of the collective have suspected as much: In Operation BART, a project responding to fatal shootings by officers associated with the San Francisco transit system, some within the group believed a hacker attacked and leaked customer data from Web sites associated with the transit system in order to discredit the group...

http://www.washingtonpost.com/blogs/the ... -ferguson/