Sabu’s sordid story detailed in FBI indictment


As Graham wrote earlier today, Hector Xavier Monsegur (a/k/a “Sabu,” a/k/a “Xavier DeLeon,” a/k/a “Leon”) and five co-conspirators were arrested this morning in connection with hacks under the banners of Anonymous, Internet Feds and LulzSec.

Sabu pleaded guilty to 12 counts in the indictment and has cooperated with the FBI since June 7, 2011. He faces a maximum sentence of 124 years and 6 months in prison.

The FBI broke down Sabu’s activities into sections based on his affiliations with different groups over the last two years.

Count one charges him with Conspiracy to Engage in Computer Hacking during his association with Anonymous from December 2010 through early 2011.

This includes participating in the DDoS attacks against Mastercard, Visa and PayPal; DDoSing, hacking and defacing computers owned by the Tunisian government; DDoSing Algerian government websites; DDoSing and hacking Yemeni government websites; and breaking into Zimbabwe government websites and attempting to steal confidential email.

Count two charges Sabu with Conspiracy to Engage in Computer Hacking during his escapades with an Anonymous splinter group called Internet Feds.

He admits to hacking HB Gary and HB Gary Federal; stealing confidential information, emails, and data from them; and defacing Aaron Barr’s Twitter account.

Other crimes committed by Internet Feds include unauthorized access to systems at publisher The Tribune Company and unauthorized access to systems at Fox Broadcasting, resulting in publication of personal information about aspiring contestants for Fox’s X-Factor.

The third count includes the charges related to Sabu’s activities while heading up LulzSec (Lulz Security). Sabu’s LulzSec co-conspirators include Kayla, Topiary, TFlow, Pwnsauce and AVUnit.

The third count includes the attack on PBS after it aired a Frontline episode about Bradley Manning and the WikiLeaks saga.

Lulz banner from PBS hack

Sabu next targeted Sony Pictures, gaining unauthorized access and stealing confidential data. Around the same time he began targeting Sony Music based on a tip on a vulnerability from a LulzSec supporter.

He proceeded to compromise Sony Music Belgium and Sony Music The Netherlands and steal data, including upcoming release dates for albums they publish. He also passed along a vulnerability found in Sony Music Russia to other members of the group.

Sabu also admitted to hacking FBI affiliate Infragard Atlanta and security firm Unveillance. He thieved usernames, passwords and confidential data; defaced the Infragard website; and stole the emails of Unveillance’s CEO.

Other charges under the third count are hacking the US Senate’s website based on a tip about a vulnerability and stealing confidential data, as well as compromising software firm Bethesda Software and publishing stolen usernames, passwords and emails.

The incidents sparking the first three counts have already been reported by the media, but count four is where the story starts to get interesting. Those who have supported these groups’ efforts and given them attention on Twitter and elsewhere should be advised that Sabu was not just in it for the lulz.

Count four charges Sabu with Computer Hacking in Furtherance of Fraud. He hacked into the computers of an auto parts company and proceeded to manipulate its systems to ship himself four automobile engines, together worth approximately $3450 USD.

Count five is for Conspiracy to Commit Access Device Fraud, otherwise known as credit card fraud. Sabu stole credit card information from two of the organizations he breached and purchased purloined cards on underground “carder” forums.

He used these cards to pay at least $1000 USD in personal bills and sold cards to others to enable them to make fraudulent charges to the victims.

Count six is for Conspiracy to Commit Bank Fraud. Sabu had acquired the bank account numbers, routing numbers, social security numbers, names and addresses of more than a dozen victims and provided this information to his co-conspirators, who used it to commit bank fraud.

Last but not least, count seven is for Aggravated Identity Theft related to counts five and six. This enables the US government to seize assets equal to the personal gain Sabu enjoyed from his crimes and for proceeds attained by others based on his actions.

Those arrested today are lucky that President Obama’s proposed cybercrime legislation, which would have added computer crimes to the Racketeer Influenced and Corrupt Organizations (RICO) Act, had not been written into law. Many of the charges against LulzSec members would have qualified for far harsher punishments.

Those who suggest Sabu’s actions were just hacktivism or “for the lulz” need to recognize that Sabu wasn’t a Robin Hood who nobly gave voice to a cause, but a thief who admitted to lining his own pockets.

Free speech is an important issue and we should all be on guard to protect it, exercise it and lawfully fight for it, on and offline.

People who wish to support digital freedom should contribute their time and money to organizations like the Electronic Frontier Foundation, or donate their mad computer skillz to Hackers for Charity.

However, the actions of Sabu and his co-conspirators are not the way forward. Hopefully the prominence of this case will inspire those passionate about political and social causes to take a different path.

Don’t be a Sabu… These stories take too long to write.

Federal Marshall badge and ID Theft image courtesy of Shutterstock.