Suspected LulzSec member arrested by FBI for Sony Pictures hack

by Graham Cluley on August 29, 2012 | 2 Comments

Filed Under: Law & order, Vulnerability

Sony PicturesA man suspected of hacking into computer systems belonging to Sony Pictures, and stealing the personal information and passwords of thousands of innocent internet users, has been arrested by the FBI.

20-year-old Raynaldo Rivera, of Tempe, Arizona, is said to have been involved in the Sony hack last year that exposed online the names, birth dates, addresses, emails, phone numbers and passwords of people who had entered Sony contests.

At the time LulzSec published what they called a "Pretentious Press Statement" about the hack which was said to have been done via an SQL injection attack against a vulnerable Sony website:

"SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"

The security breach is said to have cost Sony over $600,000.

According to the FBI, Rivera was an accomplice of 24-year-old LulzSec member Cody Kretsinger, who pleaded guilty in April to charges connected to the Sony Pictures hack, reversing an earlier not guilty plea.

HideMyAss logoKretsinger used the HideMyAss.com proxy server website to disguise his IP address as he the Sony Pictures' website was probed in May 2011, hunting for vulnerabilities.

HideMyAss.com's terms and conditions stipulate that their service is not to be used for illegal activity, however, and they co-operated with the authorities when a court order was received requesting information.

Rivera, who is said to use the online handles "neuron," "royal" and "wildicv", is suspected of similarly using a anonymising proxy in an attempt to conceal his computer's real IP address.

On Rivera's Facebook page (which can be found at https://www.facebook.com/wildicv) he describes himself as "just your common computer geek", and appears to have recently left a job at at the University of Advancing Technology in Tempe, Arizona.

Raynaldo Rivera's Facebook account

Others considering committing crimes on the net might be wise to stop believing that using an anonymising proxy service will necessarily keep them out of the clutches of the law.

Rivera faces up to 15 years in prison if convicted of the charges against him.

Tags: , , , , , ,

2 Responses to Suspected LulzSec member arrested by FBI for Sony Pictures hack

  1. Hector Valle says:
    August 29, 2012 at 1:10 pm

    A real "hacker" wouldn't have used hidemyass.com. Period.

    Reply Report comment
  2. anonmyous says:
    August 29, 2012 at 3:18 pm

    hidemyass proxy, what a fail whale..

    Reply Report comment

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong>

About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.