A notorious former member of hacking group Anonymous has been praised by US prosecutors for providing “extremely valuable” assistance to the FBI and thwarting cyber attacks planned by his former associates.
According to court documents Hector Xavier Monsegur, otherwise known as ‘Sabu’, helped law enforcement stop more than 300 separate attacks since his arrest for computer hacking in June 2011.
Mr Monsegur is set to be sentenced today for his involvement in a number of major cyber attacks in the year of his arrest, with prosecutors recommending that he receive a reduced sentence.
In May 2011 Mr Monsegur and five other members of the loosely-defined Anonymous movement formed what court documents describe as “an elite hack collective or ‘crew’ commonly referred to as LulzSec”.
Each of the group’s members had specialized and complementary skills with Mr Monsegur acting primarily as an analyst, exploring the code maintained by LulzSec’s targets in order to find any vulnerabilities.
In 2011 the group struck a number of high-profile targets including Fox, Sony, Nintendo and Senate.gov, receiving extensive media attention for the light-hearted statements they published following these attacks and their apparent refusal to hack for financial profit. Mr Monsegur had previously stolen credit card information to pay his rent and other bills.
A report on the group’s activities from The Independent in 2011 noted that “like Anonymous, LulzSecurity falls squarely into the grey camp. The group claims to be exposing security vulnerabilities in websites and organisations purely for "fun". But their willingness to dump the stolen data and details they uncover online pushes them towards the black hats.”
Mr Monsegnur was arrested in in June 2011 and reportedly agreed to cooperate with law enforcement immediately. He offered the FBI “information about then-ongoing computer hacks and vulnerabilities in significant computer systems” and "convinced LulzSec members to provide him digital evidence of the hacking activities”.
Court papers detail how “working sometimes literally around the clock,” Mr Monsegur “engaged his co-conspirators in online chats that were critical to confirming their identities and whereabouts,” asking “seemingly innocuous questions that […] could be used to pinpoint their exact locations and identities.”
Mr Monsegnur was also instrumental in 2012 arrest of the hacker Jeremy Hammond, described by the agency as the “number cybercriminal target at the time of his arrest”. Mr Hammond was sentenced to 10 years in prison in November 2013 for hacking US intelligence company Strafor and helping leak internal emails to WikiLeaks.