We are anonymous inside the hacker world of lulzse

More documents

Recommendations

Info

the open at the same time: the suspected identities of Kayla, Pwnsauce, Palladium, and Stratfor hacker Sup_g, and the news that Sabu had been working with the FBI for an extraordinary eight months. It was a bombshell, and the police were about to drop it squarely on Anonymous. Chapter 27 The Real Kayla, the Real Anonymous Seven months earlier, on September 2, 2011, British police had pulled up to a family-sized house in the quiet English suburb of Mexborough, South Yorkshire. It was a cold and gray morning. One of the officers had a laptop open and was watching the @lolspoon Twitter feed, waiting for the hacker known as “Kayla” to post another tweet. When she did, several more burst in the house through a back entrance, climbed the stairs to the bedroom of Ryan Mark Ackroyd, walked in, and arrested him. Ackroyd was twenty-five and had served in the British army for four years, spending some of that time in Iraq. Now he was unemployed and living with his parents. Appearance-wise he was short, had deep-set eyebrows and dark hair in a military-style crew cut. When he spoke, the voice that emerged was a deep baritone, and the accent strongly northern English. Ackroyd’s younger sister, petite and blond, was, perhaps tellingly, named Kayleigh. In the same way police had simultaneously questioned Jake Davis’s brother, detectives also synchronized Ackroyd’s arrest with that of his younger brother, Kieron, who was serving in the army in Warminster, England. After questioning Kieron, the police released him without charge. Kieron and Kayleigh Ackroyd seemed close as siblings, with Kayleigh regularly posting on her younger brother’s Facebook wall, encouraging him at one point on a forthcoming driving test. “You’ll get the hang of it,” she said in January 2011. But their older brother, Ryan, never appeared in their public conversations. “He is the archetypal English infantryman,” said one person who knew of Ackroyd. “He will stand to attention and if he’s told to jump he’ll ask how high—that type of personality. He’s either exceedingly clever to pull this off, or it genuinely isn’t him.” “She’s a soldier in the UK,” Sabu said quietly during a phone interview on November 5, when asked who he thought Kayla was. “It’s a guy.” Then he seemed not to be sure, saying he’d heard it was someone who shared the “Kayla” identity with a group of transgender hackers. “I don’t know what the fuck it is. They’re all weird transvestites and shit. I’m brain-fucked about it.” In any case, on that cold morning in September 2011, Kayla’s once-prolific Twitter feed as @lolspoon went quiet. (It has remained inactive ever since.) Then in March of 2012, as the FBI got ready to go public with the truth about Sabu, British authorities got the go-ahead to charge Ryan Ackroyd with two counts of conspiracy to hack a computer network. On March 6, 2012, Fox News, the subject of multiple taunts by Anonymous and LulzSec and at least one hack in 2011, announced to the world that Sabu, the “world’s most wanted hacker,” was an FBI informant. “EXCLUSIVE: Infamous International Hacking Group LulzSec Brought Down by Own Leader,” the headline read. Fox had been working on the story for months and sourced much of its info from FBI officials and a few hackers who knew Sabu. It outed Sabu as Hector Monsegur and reported that police were arresting and charging five other men, largely based on evidence that Hector “Sabu” Monsegur had gathered. “This is devastating to the organization,” the story quoted an FBI official as saying. “We’re chopping off the head of LulzSec.” Every major news outlet picked up on the item, most of them sourcing the Fox story. Journalists descended on the Jacob Riis housing projects, taking pictures of Sabu’s apartment door; knocking on it but hearing nothing. Others talked to the neighbors, who gave Hector Monsegur mixed reviews. He had been quiet but friendly, they said, and would smile at people he passed by in the hall. One elderly neighbor who lived below confirmed she had complained to the Manhattan community board about the sounds of “shouting children, barking dogs, screaming and ‘pounding’” that came from his apartment, usually lasting until four o’clock in the morning. The snitch revelations stunned thousands of people who followed or supported Anonymous. Some of the more popular Anonymous Twitter feeds simply tweeted the news, unable to provide much comment. One suggested the arrests were like cutting off the head of a hydra; more would grow back. Anonymous, the implication was, would bounce back from this. Jennifer Emick had a field day, pointing out on Twitter that Anonymous was now as good as dead. Gabriella Coleman, a Wolfe Chair in Scientific and Technological Literacy at McGill University in Montreal, was one of the rare few to meet Sabu in person while living in New York. He was not so different from his online persona, she remembered. Though she’d studied Anonymous for years, Coleman was in shock. She had suspected Sabu was up to something (why else would he meet?), but on the day the news came out she claimed it was “an all together different thing to experience it and know it.” Just before he was outed, Sabu had been allowed to notify family and friends by telephone of what was about to happen. Coleman was one of the people he called. When recounting that final conversation, Coleman described it as “part apology, part ‘It-is-not-what-it-seems.’” When key people in Anonymous and Antisec heard the news, there was shock at the extent of Sabu’s cooperation. But there was just as much surprise at what the FBI had been privy to during their exploits on Stratfor, the intercepted FBI-conference call, and other attacks. “If I was Stratfor, I’d be pretty pissed off at the FBI,” said one hacker. “They were basically sacrificed to arrest one guy [Jeremy Hammond]. What the fuck man…what kind of investigation is this?” Other hackers who had consorted with Sabu were now “freaking out” and many said they would go dark for some time. “I knew something was shifty,” Jake Davis said soon after hearing about the extent of Sabu’s betrayal against the people he had started LulzSec with. Jake was, as usual, cool about the news. He did not seem angry at Sabu, perhaps because he had already built up resentment against the former friend who had pushed him to take up the Antisec cause. What shocked Jake more was how the FBI had apparently carried out their investigation by monitoring cyber attacks as they happened. “I didn’t think the FBI were that insane.”
Now it was clear: Sabu, Topiary, Kayla, Tflow, and Pwnsauce, five of the six core members of LulzSec (it is not known what happened to AVunit) had been arrested. It seemed almost impossible to become a hero in Anonymous and avoid handcuffs. But did that spell the end of Anonymous? Jake’s final tweet as Topiary had been “You cannot arrest an idea,” and it rang true. In Anonymous, there were no real leaders but symbols and smaller groups who occasionally worked together. There were even different cultures: the old-school EFnet hackers like Sabu who had embraced the vision of Antisec, the 4chan users like William who loved Anon because it helped him “waste a night.” And there were those who fell somewhere in between, like Topiary, Kayla, and Tflow, who saw Anonymous as a broad means to find fulfillment, have new experiences, and make a difference in the world in a way that suited their enjoyment of computers and the Internet. Tying Anonymous all together and destroying it was impossible. This was a phenomenon that came from the nascent world of memes, crowd sourcing, and social networks, things that had a viral-like quality that could not be predicted, controlled, or stopped. As some members were arrested, others joined. The FBI said that they were “chopping off the head of LulzSec,” but by March of 2012, after LulzSec had been disbanded for more than nine months, other hacker cells were taking up the Antisec cause; in February of 2012 alone, supporters of Anonymous had taken credit for attacking the websites of the CIA, Interpol, Citigroup, and a string of banks in Brazil, among other targets. Then there was the growing international movement called “Occupy,” which emerged in September 2011 and saw tens of thousands take to the streets in major capitals to protest social and economic inequality, often using the slogan “We are the 99%.” Activist-style supporters of Anonymous largely showed their support for Occupy, promoting it on Twitter and blogs and wearing the V for Vendetta masks at protests. Police had arrested more than 6,800 people in connection with the Occupy movement as of April 2012, by which time it had gone into hiatus. But as observers marveled at how this apparently leaderless global crowd could organize itself so extensively online and in physical demonstrations, they only had to look at Anonymous to see it had already been done before. For the FBI, getting Sabu as an informant had been a coup, but chasing the day-to-day glut of bragging, secret discussions, conspiracies, and threats probably soon turned into a bureaucratic nightmare. Although they had Sabu working for them for eight months, it is not clear how instrumental he was in initially identifying any of the five hackers that were charged on March 6—at most, he may have helped drum up charges. Sabu was outed, but Anonymous seemed to refuse to be destroyed. Later that evening on March 6, a group of hackers announced that Anonymous had hacked into and defaced the website of Panda Securities, the same IT company that had observed the Anonymous DDoS attacks on PayPal in December of 2010. Their message: it isn’t over. Then, over the subsequent days, the hackers who had worked with Sabu brainstormed about new ways to work together. “Sabu’s shit makes things different now,” said one. “We mistrust a lot more.” By mid-March the hackers were discussing other methods of talking to one other besides IRC and how they could raise standards for new people to join private discussions. Anonymous as an activist movement would stay public, but the hacking activities would go farther underground. Anonymous had emerged from the shadows, the hacker added, and it would go back into the dark for a while. “But don’t worry. We exist.” Anonymous had already been changing. The software tools its supporters used, for instance, were becoming easier to disseminate. When members of Anonymous launched DDoS attacks on several companies in January of 2012 to protest the shutdown of Megaupload, a videostreaming site, they didn’t use the traditional LOIC program. There was no need to download anything. By then, supporters could launch LOIC directly from a web browser. That meant that by posting a link on Twitter or Facebook, organizers tricked hundreds, perhaps thousands, of oblivious web surfers into joining the attack. The attack method, dubbed mobile LOIC by digital security company Imperva, was used as early as August of 2011 in the first of several DDoS attacks against the Vatican and became more popular over the following months. By early 2012, Anonymous attacks were no longer carried out by thousands of volunteers, as with the Payback attacks for WikiLeaks. Just like Chanology’s real-world protests, they were a one-off, as if Anonymous was learning what worked and what didn’t. Anonymous was shifting from mass gatherings and DDoS attacks to small groups stealing data, like LulzSec. For this, more were using the web tool Havij. After LulzSec used it to collate data during the PBS heist, a splinter group called CabinCr3w used Havij (or something like it) to expose the personal data of five hundred police officers in Utah, while other Anons used Havij to try to steal data from the Vatican in August 2011. Imperva’s studies showed that only a year after its creation by what are believed to be Iranian programmers, Havij had become, by the summer of 2012, one of the most popular tools for SQL injection attacks. The program was so simple that one Imperva executive taught his eleven-year-old how to use it in fifteen minutes. The free-to-download tool performed SQLi automatically, even filtering data into helpful categories like “Passwords” and “Credit card numbers.” With the right free programs and just a few clicks, it seemed almost anyone could be a hacker. Of course, keeping the idea of Anonymous alive would be complicated. The media, police, and even the hackers themselves had their own concepts of what it really was: an idea, a movement, a criminal organization, and other things besides. By March of 2012, the public and parts of the media still seemed to think that Anonymous was a very large group that made plans and carried them out in an orderly way. Though the notion was deeply misguided, it was understandable. A newfangled phenomenon like Anonymous, born of the Internet itself, was something society would struggle to make sense of at first. On top of that, the mystery surrounding what really happened inside the hivemind had left just enough room for the public to create its own versions of the Anonymous narrative, just as when Topiary had spun a vague tale about getting raided when he wanted to leave AnonOps. Anonymous wasn’t just a group or a process; it was also a story that people were telling themselves about how the Internet was fighting back. Anons could grab headlines by simply tweeting a threat, which is why the power of Anonymous spoke to the power of myth. Anonymous was another example of social engineering, on a mass scale. It was not too dissimilar from Kayla herself. Over the past few years, the online entity Kayla had been telling her friends different stories about who she was in real life, tempting them to try to piece together a puzzle of her real identity. A teenage girl who hated her father; a teenage girl who loved him. In the end, though, her hacker colleagues stopped being interested in the truth. “We told her we’d prefer her to lie to us,” one longtime friend remembered. “We all loved the story. I don’t think we cared if it was true or not.” Like children wanting to keep the magic of Santa Claus alive a little longer after starting to doubt his existence, to her hacker friends, Kayla’s story had become more important than the truth itself.
Page 2 and 3:
Begin Reading Table of Contents Cop
Page 4 and 5:
his HBGary Federal account, possibl
Page 6 and 7:
culture and key figures within it.
Page 8 and 9:
dreadful fascination at his phone a
Page 10 and 11:
Aaron Barr would never have come fa
Page 12 and 13:
“nigger,” “faggot,” or just
Page 14 and 15:
owns my ass.” With his other hand
Page 16 and 17:
In 2008 he helped instigate Operati
Page 18 and 19:
death threats and threatened to bom
Page 20 and 21:
another poster described “Phase 2
Page 22 and 23:
though, they were usurped by what w
Page 24 and 25:
We are Legion We do not forgive We
Page 26 and 27:
day in federal prison. In the meant
Page 28 and 29:
Since childhood, Bailey had harbore
Page 30 and 31:
oughly three hundred regular chat p
Page 32 and 33:
1. Get the latest LOIC from github.
Page 34 and 35:
Asperger syndrome, rarely left his
Page 36 and 37:
“It’s a troll,” another organ
Page 38 and 39:
had joined mentoring program iMento
Page 40 and 41:
choose a unique nickname on AnonOps
Page 42 and 43:
time. Kayla actually had several IR
Page 44 and 45:
was headquartered and where Barr wo
Page 46 and 47:
“So are we going to focus on Anon
Page 48 and 49:
Starting in early January, many sup
Page 50 and 51:
“Well in my lifetime I’ve perfo
Page 52 and 53:
uh, actual intelligence.” There w
Page 54 and 55:
definitely unimpressed—the claims
Page 56 and 57: nude photos. Four years later, an e
Page 58 and 59: “Is this a new trend :D to see wh
Page 60 and 61: network collapsed, they would move
Page 62 and 63: large notice board with paperwork a
Page 64 and 65: April 2011, while he and Sabu were
Page 66 and 67: since they had a wider array of ski
Page 68 and 69: will get in trouble and might be gr
Page 70 and 71: passwords for almost every journali
Page 72 and 73: or online for most of the day and s
Page 74 and 75: a mixture of Anons, script kiddies,
Page 76 and 77: Sabu hated white hat security firms
Page 78 and 79: “Just looked at this guy’s sour
Page 80 and 81: otnets. Topiary shot back with a se
Page 82 and 83: wasn’t Sabu. “You got the wrong
Page 84 and 85: them that he was back. Topiary at f
Page 86 and 87: websites, bigger ones. He had a rap
Page 88 and 89: “Y’all were the inspiration I n
Page 90 and 91: LulzSec. Tflow created a torrent fi
Page 92 and 93: The Fate of Lulz LulzSec’s signif
Page 94 and 95: opposite of Kayla. And yet there wa
Page 96 and 97: one of the LulzSec accounts in resp
Page 98 and 99: on the network. He decided to try t
Page 100 and 101: morning of their meeting, William
Page 102 and 103: techniques like the Cain and Abel p
Page 104 and 105: hackers in private IRC rooms. It wa
Page 108 and 109: Kayla’s story had become more imp
Page 110 and 111: Stephane Fitch, who also introduced
Page 112 and 113: writes a spoof news article about t
Page 114 and 115: following twenty names in the ranki
Page 116 and 117: to websites that showed the steps o
Page 118 and 119: Minions.” Another helpful source
Page 120 and 121: “extreme version of Calvinism”
Page 122 and 123: 2011, however, we held our first re
Page 124 and 125: that were first leaked online by Pa
Page 126 and 127: on the CIA. Details about Julian As
Page 128 and 129: Descriptions of Ryan Mark Ackroyd w
Page 130 and 131: Parmy Olson is the London bureau ch
show all

We are anonymous inside the hacker world of lulzse

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?