According to media reports, the FBI has arrested two alleged hackers in San Francisco and Phoenix, believed to be associated with the LulzSec and Anonymous hacktivist groups.
And one of them is homeless.
FoxNews reports that search warrants have also been executed in the states of Minnesota, Montana and New Jersey as part of a wider FBI investigation into the groups who have launched attacks against government websites as well as corporations such as Sony.
23-year-old Cody Kretsinger, from Phoenix, Arizona, has been charged with computer offences, and is alleged to be the LulzSec member known as “Recursion”. Kretsinger is accused of being involved in an SQL injection attack that stole information from Sony Pictures in June, exposing users email addresses and passwords.
According to the indictment against Kretsinger, he is accused of using the hidemyass.com proxy service to cloak probes he made of Sony Pictures’ computer systems in May 2011, hunting for vulnerabilities.
Approximately 150,000 confidential records were subsequently published online by LulzSec who criticised Sony’s weak security.
Authorities allege that Kretsinger wiped the hard drives used to carry out the attack on Sony in an attempt to hide forensic evidence.
“Recursion” is one of many handles used by members of the LulzSec hacking gang, and features in internet chat logs that have previously been published of the group having what they believed to be private conversations.
Meanwhile, the FBI arrested an alleged Anonymous member in San Francisco. The man, who is reported to be homeless, is said to have been involved in internet attacks against Santa Cruz County government websites.
Just because a man is homeless, of course, doesn’t mean that he can’t get an internet connection. Coffee houses, cafes, libraries, etc can all offer cheap or free internet access – and because the computer being used can be a shared device, it may be harder to identify who might have been responsible for an attack compared to a PC at a home.
At the same time, public places are often watched with CCTV cameras which means that if the authorities were able to identify a time and place, they may also be able to gather evidence as to who was at the location when an attack was begun from a particular computer.
Wannabe hackers might be wise to read the FBI’s press release about the Kretsinger arrest, which points out that if convicted of the hacking offences he could face up to 15 years in prison.Follow @gcluley