LAST AUGUST, a list of serious charges was filed in the District Court of New York against Hector Xavier Monsegur (28), an experienced computer hacker who was involved in three groups, Anonymous, Internet Feds, and Lulz Security (LulzSec).
According to the documents, the groups were “responsible for multiple cyber attacks on the computer systems of various businesses and governments in the United States and throughout the world”.
Monsegur had a number of internet aliases, including Sabu, Xavier DeLeon and Leon, according to the document.
He was involved, as a member of the various hacking collectives, in cyber attacks on Visa, Mastercard and PayPal, on computers belonging to the Tunisian, Algerian, Yemeni and Zimbabwean governments, on private cyber security firm HBGary, and on media groups Fox Broadcasting and the Tribune Company – owner of the Chicago Tribune and LA Times.
Some of the attacks were motivated by matters to do with Wikileaks. For instance, the attacks on PayPal, Visa and Mastercard came after those companies refused to process donations to Wikileaks.
The Fox Broadcasting attack led to the stealing of confidential information about contestants on X Factor. An attack on the Public Broadcasting Service (PBS) led to a bogus item saying deceased rapper Tupac Shakur was alive and living in New Zealand.
They also attacked Sony, the Nintendo game company, and Infraguard Members Alliance, which is a partnership between the FBI and private industry aimed at protecting critical infrastructure in the US.
Monsegur obtained people’s credit card details and used them to pay his own bills. He also sold the information on to others, according to the documents.
The fact the charges, which carried a possible maximum sentence of 124 years, had been made against Monsegur was kept secret until yesterday, when he entered a guilty plea. In the meantime he was co-operating with the FBI in the hope of alleviating his sentence.
The FBI announced it had filed charges against five others – UK-based Ryan Ackroyd and Jake Davis, Chicago-based Jeremy Hammond, and two Irishmen, Darren Martyn and Donncha O’Cearrbhail.
Martyn is a student in Galway, while O’Cearrbhail is a student in Trinity College Dublin. Their Facebook accounts, which detailed their interest in computers and internet security, were taken down last night.
On his Linkedin profile O’Cearrbhail describes himself as a first-year student in medicinal chemistry at Trinity College Dublin, says that he previously represented Ireland at the International Olympiads in informatics and that he received a scholarship from Offaly County Development Board for students, taking courses in science, technology, engineering and mathematics.
Martyn, according to the FBI, uses the aliases pwnsauce, raepsauce and networkkitten, and O’Cearrbhail uses palladium, polonium, and anonsacco.
Both are charged with being involved in the hacking of websites belonging to Fine Gael, HBGary, and Fox News. Martyn, with others, is charged with hacking into PBS, Sony and video gamemaker Bethesda Softworks.
O’Cearrbhail (19) has been charged with a computer hacking conspiracy that relates to hacking into a conference call between the Garda, FBI and other law enforcement agencies in January. He is alleged to have secretly recorded the conversation and then to have shared it with others.
An outline of how the FBI came to believe O’Cearrbhail was involved in recording the conversation is among the documents filed in New York and includes references to co-operation from a hacker who was involved with the Anonymous group and who agreed to co-operate with the FBI in the hope of receiving a reduced sentence.