LulzSec says it's stopped hacking, but criminal case against it gains steam
Those behind LulzSec – which forced the CIA’s public website down and hacked Sony, among other things – are among the most wanted cyber-criminals.
(Page 2 of 2)
One vigilante hacker dubbed "the Jester," purportedly a former cyber-expert for the US military, has in recent weeks exposed details of the group's members, Bardin notes. In a possible break in the case, British authorities on Wednesday charged Ryan Cleary of Essex, England with five counts of computer crimes. His connection with the group remains unclear, although he was reported to have operated a computer server the group used.Skip to next paragraph
Subscribe Today to the Monitor
"The Jester is out there exposing these guys, and you've got other people doing the same thing," Bardin says. "As soon as they got Ryan Cleary, you could see the writing on their Twitter feed changed. I think this becomes a fairly simple law-enforcement case now."
Long before LulzSec appeared, the Anonymous group was being scrutinized by Gabriella Coleman, an anthropologist at New York University. For years, she has observed the online discourse in the chat boards operated by Anonymous, and a few months ago, she noticed when six to eight of them seemed to break away and set up shop in their own chat boards, as LulzSec.
Anonymous is a larger group that has attacked websites of organizations it deems to have curbed Internet or political freedom, including MasterCard, Visa, and PayPal. Anonymous has also attacked government sites in Tunisia, Egypt, and elsewhere in support of the Arab Spring uprisings. LulzSec, by contrast, has only rarely claimed to be acting for philosophical reasons.
"Anonymous and LulzSec are clearly in conversation with each other at some level, and their existence helps to clarify what's unique about each one," Dr. Coleman says. "Anonymous uses LulzSec as a political tactic, whereas LulzSec says what it does is all about the laughs. They each benefit from the association."
But although LulzSec claims to be "doing it for the laughs,” that wasn't always the motivation, Bardin and others in the Internet security realm say. Revenge was another motive, as the computer security firm HBGary concluded when a trove of its stolen e-mails were dumped on the Internet for anyone to read. One of its officers had claimed he would expose the members of the group.
Greed could be another motive. In late May, Unveillance, a botnet-tracking start-up company, was attacked – and though its intellectual property remained safe, the e-mail of its founder was stolen. In contacts with LulzSec, detailed in logs supplied to the Monitor by Karim Hijazi, CEO of the firm, the group appears to tell him they won't dump his private e-mails on the Internet if he supplies them with money or botnet technology. When he refused, the group publicized his e-mails.
"There's certainly a leadership structure there," Mr. Hijazi says. "There's definitely youth involved because they don't know the ramifications of what they're doing.... It was clumsy, truly like these kids had watched movies ... saying, 'If you play this right, it will work out' and 'Don't mess up.' "
One distinction that solidifies LulzSec in the criminal category is the group's intense interest in developing its botnet technology – malicious software used to enslave the computers of companies and ordinary households for criminal purposes, says Luis Corrons, the Spain-based technical director of PandaLabs, a cybersecurity company.
"This group owns a number of different botnets," he says. "They were powerful enough to fire at the CIA site and take it down. In my 12 years working in the security industry, all the botnets belonged to cybercriminals. They may be young people looking to make some money, but that's the direction they've gone."
Hijazi agrees that the group could be in physical danger as their identities leak into the open – since organized crime cares a great deal about preserving its botnets, and it may not welcome the spotlight that LulzSec has thrown on their use.
"These guys should pray law enforcement finds them first," he says.