Suspected LulzSec member arrested by FBI for Sony Pictures hack

Filed Under: Law & order, Vulnerability

Sony PicturesA man suspected of hacking into computer systems belonging to Sony Pictures, and stealing the personal information and passwords of thousands of innocent internet users, has been arrested by the FBI.

20-year-old Raynaldo Rivera, of Tempe, Arizona, is said to have been involved in the Sony hack last year that exposed online the names, birth dates, addresses, emails, phone numbers and passwords of people who had entered Sony contests.

At the time LulzSec published what they called a "Pretentious Press Statement" about the hack which was said to have been done via an SQL injection attack against a vulnerable Sony website:

"SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"

The security breach is said to have cost Sony over $600,000.

According to the FBI, Rivera was an accomplice of 24-year-old LulzSec member Cody Kretsinger, who pleaded guilty in April to charges connected to the Sony Pictures hack, reversing an earlier not guilty plea.

HideMyAss logoKretsinger used the HideMyAss.com proxy server website to disguise his IP address as he the Sony Pictures' website was probed in May 2011, hunting for vulnerabilities.

HideMyAss.com's terms and conditions stipulate that their service is not to be used for illegal activity, however, and they co-operated with the authorities when a court order was received requesting information.

Rivera, who is said to use the online handles "neuron," "royal" and "wildicv", is suspected of similarly using a anonymising proxy in an attempt to conceal his computer's real IP address.

On Rivera's Facebook page (which can be found at https://www.facebook.com/wildicv) he describes himself as "just your common computer geek", and appears to have recently left a job at at the University of Advancing Technology in Tempe, Arizona.

Raynaldo Rivera's Facebook account

Others considering committing crimes on the net might be wise to stop believing that using an anonymising proxy service will necessarily keep them out of the clutches of the law.

Rivera faces up to 15 years in prison if convicted of the charges against him.

, , , , , ,

You might like

2 Responses to Suspected LulzSec member arrested by FBI for Sony Pictures hack

  1. Hector Valle · 785 days ago

    A real "hacker" wouldn't have used hidemyass.com. Period.

  2. anonmyous · 785 days ago

    hidemyass proxy, what a fail whale..

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.