The LulzSec hackers who boasted they were "Gods" await their sentence

Filed Under: Botnet, Featured, Law & order, Malware, Privacy, Vulnerability

LulzSecFour members of the notorious LulzSec hacking gang, who attacked websites belonging to the likes of the CIA, the NHS and the Serious Organised Crime Agency (SOCA) are due to be sentenced at Southwark Crown Court in London later today.

The Anonymous-affiliated hacking group didn't limit itself to denial-of-service attacks which bombarded websites with so much internet traffic that they were inaccessible by the outside world. They also stole personal information from poorly-secured networks.

For instance, the group's attack on Sony, took the PlayStation Network offline for several days, stole 24.6 million individual pieces of customer data and cost the firm a reported $20 million in revenue.

What's obvious is that the motive of the LulzSec hacking gang wasn't to make money. In that sense they were very different from many of the online criminals encountered today.

However, they were set on amusing themselves at the expense of embarrassed organisations, disrupting websites and - in the worst cases - exposing the personal information of innocent people.

Of course, those actions could have costly financial consequences for the companies and individuals who were unfortunate enough to be caught up in the attacks and data breaches.

Below you will find more details of the four hackers, who had previously pleaded guilty to various hacking offences:

Further reading: Jail for the LulzSec hacking gang members



Jake Davis, also known as "Topiary"


20-year-old Jake Davis, who acted as LulzSec's spokesman under the pseudonym of "Topiary" and was arrested at his home in the remote Shetland Islands, was one of the most high profile members of LulzSec, writing press releases for the group, conducting media interviews, and running the group's Twitter account.

Jake Davis, who by all accounts was not having the greatest experience living so remotely from the British mainland, enjoyed co-ordinating LulzSec's activities.

He was not the most technically skilled member of the LulzSec hacking gang, but was quick-witted and intelligent, making him an ideal spokesperson for the group.

Here's a video I made at the time of Davis's arrest, where "Topiary" is heard claiming that he and other hacktivists would always be one step ahead of the authorities:


(Enjoy this video? Check out more on the SophosLabs YouTube channel and subscribe if you like.)

When arrested, Jake Davis was caught red-handed with 750,000 pieces of stolen personal data in his possession, including names and addresses, passwords, and credit card details.

Famously, just before his arrest Jake Davis posted a simple message on Topiary's Twitter account:

"You cannot arrest an idea"

Last month, Davis pleaded guilty to his part in bombarding various websites with so much internet traffic that they were inaccessible by the outside world

CIA website down

Last year, following his arrest, Davis wrote an article entitled "My life after Anonymous" where he claimed that he felt "more fulfilled without the internet".

It's possible that Jake Davis may be extradited to the United States in the future, to answer related hacking charges there.


Ryan Cleary, also known as "Viral"

Ryan Cleary was not a main member of the LulzSec hacking gang, but had access to something very valuable - control over a botnet of compromised computers.

Prosecutor Sandip Patel told the court that "at any one time [Cleary] had up to 100,000 computers directly and actively under his control."

Cleary had made thousands of pounds every month, renting out access to his massive botnet of hijacked personal computers so criminals could launch denial-of-service attacks and send spam campaigns. But as he was sympathetic to the cause, he didn't make such financial demands of the LulzSec gang.

The Sun's report on the arrest of Ryan ClearyAfter his arrest, in June 2011, at his home in Wickford, Essex, The Sun newspaper described Cleary as a "geek", "nerd" and "oddball".

The news report was clearly insensitive, as Cleary suffers from Asperger's.

It is speculated that The Sun's front page media report may have angered other members of LulzSec, and motivated the hacking group's subsequent attack against the newspaper.

The attack against The Sun resulted in phone numbers, email address and passwords of News International employees being posted on the internet.

Meanwhile, website visitors were presented with a false news story claiming that News International founder Rupert Murdoch had died after ingesting a "large quantity of palladium", and stumbled into his "famous topiary garden".

Bogus news story


Mustafa Al-Bassam, also known as "T-Flow"

Mustafa Al-Bassam, the youngest of the four men and technically a child at the time of the offences, specialised in finding vulnerabilities in websites that could be exploited by malicious hackers.

Calling himself "T-Flow", Al-Bassam took issue with the homophobic stance of the controversial Westboro Baptist Church that entered an online argument with the Anonymous movement, before being hacked live on-air.

Westboro Baptist Church

When the A-Level student - who is now 18 years old - was arrested, a note was found giving details of a security vulnerability on the FBI's website.


Ryan Ackroyd, also known as "Kayla"


Ryan Ackroyd was considered the most skilled hacker in the LulzSec group, who claimed to have learned his computer skills by attempting to tinker with computer games.

After joining the British army when he was 19, Ackroyd had served in Iraq, Canada and the Falklands, before being discharged after five years.

Many, both inside and outside the underground world of hackers, were duped into believing that "Kayla" was a teenage girl - a deliberate attempt by Ackroyd to disguise his true identity.

Kayla on Twitter

The truth is that Kayla was a 26-year-old British man, from Doncaster. Ackroyd enjoyed the disguise, as it rubbed salt into the wounds of hacking victims who thought they had been "pwned" by a teenage girl.


The reign of LulzSec


Here's just a short summary of just some of the hacks, internet attacks and indeed arrests associated with the LulzSec gang during 2011:

Have your say - LulzSec: Helpful, harmless or hideous? [VOTE NOW]

, , , , , , , , , , , , ,

You might like

9 Responses to The LulzSec hackers who boasted they were "Gods" await their sentence

  1. anon · 342 days ago

    Even the Titans were imprisoned ; and were greater then any god.

    • Sarcastic · 342 days ago

      Your statement will surely give peace to these 4 while they are sitting in jail.

  2. Anon · 342 days ago

    You cannot arrest an idea.

  3. flip · 342 days ago

    "had made earn" "hvae" You really need to proofread this.

  4. Carson · 342 days ago

    Most of the "hacks" were done by prebuilt tools. It's not like they were the most skilled hackers out there. But it is the hacker's nature to enjoy attention and to boast I guess.

    • I agree. From what I've learned LulzSec is just an organized group of script kiddies. Standing on the shoulders of giants, as it were.

      • NaNa · 338 days ago

        Idk if I'd say that about LulzSec but that's definitely the structure of anonymous as a whole. Upfront mostly "pawns" & script kiddies. Black Hats remain in the shadows and provide the tools...

  5. V4V · 309 days ago

    indeed, let us wonder but the internet is a weird place, this persons anonymity was lost so he was a criminal but least that there's so much of it everywhere on the internet and what would be the solution for those whom have lost their privacy not just by this but even before so much of frauds and scams on the internet ? what are these so called capable people are able of doing the same to take action towards this sort of happenings that happen even while we speak, lesson learned but it would never come to thought of because a few minds out there would only truly realize to see another side of it which isn't the harm it has caused but the harm it has been and will be, it's not the tool of destruction that causes the true harm it's the dark side of the mans heart that truly does.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.