Skip to main content

Lulzsec leader turned informant helped FBI foil 300 cyber attacks

The former "leader" of notorious hacking group LulzSec has helped the FBI stop more than 300 cyber attacks since his arrest for hacking in 2011.

Hector Xavier Monsegur, who went by the online handle "sabu", was one of Lulzsec's six core members, and was described by The Economist as their "most expert" hacker. While a member of Lulzsec, he served primarily as a "rooter," analysing code for vulnerabilities which could then be exploited to gain access to restricted systems.

The group, whose unofficial motto was "laughing at your security since 2011", carried out a huge variety of attacks (opens in new tab) on media outlets, government agencies and contractors, as well as private companies.

Monsegur was arrested in June 2011 (opens in new tab), and agreed to turn informant for the FBI while continuing his online persona, something that has gained him a huge amount of notoriety online.

At a secret bail hearing in August 2011, one US defence attorney argued that "since literally the day he was arrested, the defendant has been cooperating with the government proactively," sometimes staying up all night engaging in conversations with co-conspirators to help the government build cases against them.

As an informant, Monsegur provided the FBI with details enabling the arrest of five other hackers associated with the groups Anonymous, Lulzsec and Antisec.

Now it turns out that he has been an integral part of the American authorities' war against cyber crime, with the FBI describing him as "an extremely valuable and productive cooperator."

"Monsegur's consistent and corroborated historical information, coupled with his substantial proactive cooperation and other evidence developed in the case, contributed directly to the identification, prosecution, and conviction of eight of his major co-conspirators, including Jeremy Hammond, who at the time of his arrest was the FBI's number one cyber-criminal target in the world," a sentencing memo among the documents filed (opens in new tab) said.

He also helped prevent major hacking attacks that were being planned. Victims of the attacks would have included the US Armed Forces, the US Congress and NASA as well as a "television network, a video game manufacturer and an electronics conglomerate".

Using Monsegur's help, "the FBI estimates that it was able to disrupt or prevent at least 300 separate computer hacks... Although difficult to quantify, it is likely that Monsegur's actions prevented at least millions of dollars in loss to these victims."

For his cooperation, prosecutors have recommended that he receives a reduced sentence.

Paul has worked as an archivist, editor and journalist, and has a PhD in the cultural and literary significance of ruins. His writing has appeared in the New York Times, The BBC, The Atlantic, National Geographic, and Discover Magazine, and he was previously Staff Writer and Journalist at ITProPortal.