Forgot your password?
typodupeerror
Security IT

Accused LulzSec Members Left Trail of Clues Online 221

Posted by Soulskill
from the didn't-need-sherlock-for-this-one dept.
Trailrunner7 writes "When the long arm of the law reached in to arrest members of Anonymous's senior leadership on Tuesday, speculation immediately turned to the identities of the six men behind the Guy Fawkes mask. With the benefit of hindsight, it turns out that many had been hiding in plain sight, with day jobs, burgeoning online lives and — for those who knew where to look — plenty of clues about their extracurricular activities on behalf of the world's most famous hacking crew. Two of the accused, Darren Martyn (aka 'pwnsauce,' 'raepsauce,' and 'networkkitten,') and Donncha O'Cearbhail, formerly known as Donncha Carroll (aka 'Palladium'), sported significant online footprints and made little effort to hide their affinity for hacking. In other areas, however, Martyn (who was reported to be 25, but claimed to be 19), seemed to be on his way to bigger and better things. He was a local chapter leader of the Open Web Application Security Project in Galway, Ireland. He spent some of his free time with a small collective of computer researchers with Insecurety Research, under the name 'infodox.'"
This discussion has been archived. No new comments can be posted.

Accused LulzSec Members Left Trail of Clues Online

Comments Filter:
  • So it goes (Score:5, Insightful)

    by Securityemo (1407943) on Sunday March 11, 2012 @04:11PM (#39319885) Journal
    They're all human, obviously. And perhaps the risk aversion that would have driven them to meticulously fly under the radar ultimately would have prevented them from creating such a spectacle in the first place?
  • Re:So it goes (Score:2, Insightful)

    by Anonymous Coward on Sunday March 11, 2012 @04:15PM (#39319909)

    The problem usually seems to be bragging and telling others things that they absolutely do not need to know.

  • Re:So it goes (Score:5, Insightful)

    by DigiShaman (671371) on Sunday March 11, 2012 @04:17PM (#39319927) Homepage

    Hubris. A douchebag's own worst enemy. And rightfully so.

  • by Anonymous Coward on Sunday March 11, 2012 @04:18PM (#39319933)

    We have people who are killing others. They are bombing innocents. They are threatening the security of the free World. And they are eluding authorities.

    But God forbid you attack some Big Corps website and *gasp* force their website down! Then there's a HUGE manhunt to get those criminals!

    Every one of these "law enforcement" officials should get a swift kick in the ass and their priorities straightened out.

  • by DigiShaman (671371) on Sunday March 11, 2012 @04:22PM (#39319955) Homepage

    You laugh. Given the tract record of our government, our heroes in office may decide to pass another epic failure of a bill. DHS mandated list of federal certified software developers. All compilations are recorded, audited, and the compiler software itself certified by the feds. Give another 10 years. It will happen. Not because it should, but because it can be.

    I never said any of this was rational. Just projecting a future based on the insanity that's going on now.

  • by GmExtremacy (2579091) on Sunday March 11, 2012 @04:25PM (#39319971)

    Whoa, whoa, whoa. Are you suggesting that we don't need dozens of armed policemen and helicopters to arrest the owner of a website that facilitated the copying of copyrighted material!? Are you actually suggesting that murder is worse than 'hacking' a website or infringing upon someone's copyright and that perhaps these expensive investigations aren't necessary!?

    How dare you!

  • Re:So it goes (Score:1, Insightful)

    by jhoegl (638955) on Sunday March 11, 2012 @04:26PM (#39319979)
    huberis and a lack of maturity.
    Seriously... pwnsauce? How many 10 year olds out there have that name online? Worse than when people showed up with persona names like "Zerocool".

    In my mind it automatically brings up the question, "what are you, 12?"

    If you want to separate yourself from the pack, you dont run around using raepsauce that is for sure.
    This guy is not your typical hacker.
  • by mrmeval (662166) <mrmeval@gm a i l . com> on Sunday March 11, 2012 @04:26PM (#39319985) Journal

    They're children going up against people who have been trained to play this game by masters at it. They were nothing until they became a significant irritant and when that happened they ended up under a sledgehammer. It is a most dangerous game where you cannot make a mistake at as your life is at stake. I don't know how badly they will fall but they're tagged now and most likely will be assigned to someone to watch for some time to come.

  • by Anonymous Coward on Sunday March 11, 2012 @04:29PM (#39319997)

    Taking a website down costs the company money and we all know the governments, law makers and law enforcers are in the pockets of the big corporations.
    On the other hand terrorists help to MAKE money for the corporations (arms, oil etc etc) so there is much less incentive to catch them.

    Capitalism at it's finest.

  • by Nidi62 (1525137) on Sunday March 11, 2012 @04:37PM (#39320053)

    We have people who are killing others. They are bombing innocents. They are threatening the security of the free World. And they are eluding authorities.

    But God forbid you attack some Big Corps website and *gasp* force their website down! Then there's a HUGE manhunt to get those criminals!

    Every one of these "law enforcement" officials should get a swift kick in the ass and their priorities straightened out.

    You don't assign every police officer to murder cases and let cases of car theft go uninvestigated, do you? You don't spend all of your resources going after counterfeiters and ignore the guy stealing social security checks from peoples' mailboxes. The people going after Anonymous are specialized for this kind of investigation. It would be pointless to put them on an anti-terrorism investigation.

  • by MichaelSmith (789609) on Sunday March 11, 2012 @04:39PM (#39320063) Homepage Journal

    Remember that kids. Its not only servers which log connections. Routers can do it as well. Don't do it from McDonalds because they use CCTV. Steal a connection but try not to leave DNA and only use any given connection once. Don't use a car which can be traced to you either. Don't associate with other hackers because they are probably spies. Don't promote your activities on twitter etc because that makes it too fucking easy for the police to come and get you.

    Also in the summary its supposed to be "plain sight", not "plain site". They are two different words.

  • Re:Story time (Score:5, Insightful)

    by Anonymous Coward on Sunday March 11, 2012 @04:43PM (#39320109)

    So he did what anyone would do: He asked for help. Not straight out. Not directly, because he was under surveillance all the time by his "friends". So he started leaving clues. Misplaced equipment that would, say, print out his initials over and over again when found later at the crime scene. Subtle things. But enough that law enforcement got the idea that someone was trying to say "help me get out."

    No offense but that sounds like complete crap. How many initials are we talking about here? Two? Three? It's stupid. Anyone doing stuff like this would increase massively their chance of being considered a liability without actually helping themselves at all. Their surveilance didn't pick up on the weird stuff he was doing, rigging equipment to print his intitials, but would have noticed if he'd put a letter in the post? WTF?

  • Re:Story time (Score:4, Insightful)

    by Anonymous Coward on Sunday March 11, 2012 @04:47PM (#39320149)

    A bit of time ago, I learnt that no clever criminal tells true stories of their past to their acquaintances, especially not ones prone to repeat said stories online.

    Either you're full of shit or your "man" is.

  • Re:So it goes (Score:3, Insightful)

    by Anonymous Coward on Sunday March 11, 2012 @05:15PM (#39320321)

    and a lack of maturity

    I personally think they're idiots, but the way the word "maturity" is thrown everywhere also seems wrong to me. As if anyone who does something that someone else doesn't like is objectively immature.

    "You found that joke funny!? You have a different sense of humor than me! That makes you immature!"
    "You used a name online that I don't like! Clearly you're objectively immature!"

    It's gotten to the point where the use of such words means absolutely nothing.

  • by Dekker3D (989692) on Sunday March 11, 2012 @05:31PM (#39320445)

    Perhaps he's insinuating that, if there's manpower to spare on either of those things, it should go to the more serious crimes. And the punishment should also fit the crime, and not be blown out of proportion.

    Even if he's not insinuating that, perhaps I should do so.

  • by elucido (870205) on Sunday March 11, 2012 @05:40PM (#39320521)

    And there is nothing more to say about it.

    Let me make something clear to any would be members of these groups or individuals who think hackers are cool. If you are a hacker expect to go to jail. Don't protest or do anything which isn't worth going to jail for. Most of the hacks these individuals participated in were not the sort of stuff that in hindsight they will believe was worth sacrificing their life for.

    These individuals may not be physically dead but they have no future, no career. The rumored snitch Sabu has it the worst because if what they say about him is true he's not going to be accepted in the criminal or police world so he's fucking gone.

    LulzSec always seemed like a dumbass group. I'm not a big fan of the whole AntiSec agenda, and I don't think LulzSec can be compared to Anonymous. LulzSec was not defending human rights in any way, while at least with Anonymous you have people who believe in something other than lulz.

  • by elucido (870205) on Sunday March 11, 2012 @05:42PM (#39320527)

    They're children going up against people who have been trained to play this game by masters at it. They were nothing until they became a significant irritant and when that happened they ended up under a sledgehammer. It is a most dangerous game where you cannot make a mistake at as your life is at stake. I don't know how badly they will fall but they're tagged now and most likely will be assigned to someone to watch for some time to come.

    And the worst part is these people don't seem at all prepared to get caught and go to jail. Sabu had a child? But he thought it was cool to hack the CIA and DOJ? Maybe he should have thought about what the government would do to his children before he messed with them. Common sense, if you mess with the government they do go after your family and they will treat you like a terrorist.

  • by elucido (870205) on Sunday March 11, 2012 @05:52PM (#39320589)

    And it doesn't require pissing off the feds. You can protest in a smart way or in a dumb way and many of Anonymous choose the dumb way with dumb consequences. If they are going to be political freedom fighters, warriors, then they will have to act like warriors and think like warriors.

    Young people need to be educated so they know when they get involved with these groups it's like getting involved with a mafia or terrorist organization. Their life is changed forever, many of them might not survive it, those who do could have their life destroyed in all kinds of ways, basically it's young people sacrificing their future.

    LulzSec in my opinion were sacrificing their future for dumb reasons. Was it worth going to jail over? Now they are useless to society and can't do shit.

  • by Baloroth (2370816) on Sunday March 11, 2012 @05:53PM (#39320605)

    We have people who are killing others. They are bombing innocents. They are threatening the security of the free World. And they are eluding authorities.

    But God forbid you attack some Big Corps website and *gasp* force their website down! Then there's a HUGE manhunt to get those criminals!

    Every one of these "law enforcement" officials should get a swift kick in the ass and their priorities straightened out.

    Right, because identity theft and monetary fraud should be ignored so long as there are murderers and rapists out there. And yes, the Lulzsec guys did, in fact, steal CC and SSN numbers and use them to commit fraud. Our present financial system, like it or not, is based around electronic identity and credit/debit. Comitting fraud like that destroys the trust in the system, which in turn contributes to economic insecurity for our entire economy.

    Was what they did as bad as the CEOs of mega-corporations who gamed the system, or a random murderer? No. Was it illegal and destructive to society, and therefore worthy of prosecution? Yes. Perhaps more importantly, if they let these guys continue, it gives other hackers confidence to try the same thing, and you can bet they won't all restrict themselves to hacking Stratfor: very soon, it would be your bank and your money that gets stolen, potentially destroying your entire life. Lawlessness cannot be allowed to continue, or it will spread. It happens every time.

  • by artor3 (1344997) on Sunday March 11, 2012 @06:16PM (#39320773)

    You aren't even following your own thoughts to their logical conclusions.

    So whenever we have manpower to spare for other things, it should be diverted to more serious crimes. That's what you're claiming -- I'm not even significantly changing your wording. Can you really not see that the ONLY possible outcome of that approach is having literally 100% of resources focused on whatever the single worst crime is? That until that outcome is reached, you can ALWAYS complain that we should take resources away from lesser crimes and focus them on worse ones?

    Look, if you think hacking and piracy should be legal, come out and say it. Don't put forward these facile arguments that society is incapable of enforcing multiple laws at once.

  • by LordLucless (582312) on Sunday March 11, 2012 @06:38PM (#39320919)

    You don't assign every police officer to murder cases and let cases of car theft go uninvestigated, do you? You don't spend all of your resources going after counterfeiters and ignore the guy stealing social security checks from peoples' mailboxes.

    No, but neither do you assign 1000% more funding to the social security check thieves than the anti-counterfeiting squad, and spend time training up all ten times more people to perform the former function than the latter.

    Yes, those particular officers aren't interchangeable. That doesn't mean anti-piracy tunnel-vision isn't an endemic problem in US law enforcement.

  • by bug1 (96678) on Sunday March 11, 2012 @06:45PM (#39320995)

    And it doesn't require pissing off the feds. You can protest in a smart way or in a dumb way

    So tell us, what is the smart way to protest online ?

    Unfortunately any online action does involve 'pissing off' authorities, because they have made everything that hurts them illegal.

    Why is a DDOS illegal, how is different that a RL protest outside a shop/factory ?

    If they are going to be political freedom fighters, warriors, then they will have to act like warriors and think like warriors

    So you are advocating violence as the smart way to protest ?

    FAIL !

  • by zippthorne (748122) on Sunday March 11, 2012 @08:31PM (#39321825) Journal

    Even just "locking up their dad in prison" would be pretty bad for his children...

  • by Taco Cowboy (5327) on Sunday March 11, 2012 @10:13PM (#39322493) Journal

    Hackers nowadays don't even know the rules of hacking

    First rule of hacking - Don't leave any trail behind

    Second rule of hacking - Leave false leads

  • by decora (1710862) on Sunday March 11, 2012 @11:17PM (#39322911) Journal

    Sabu was essentially an FBI agent. all the hacks that happened within the past 6 months under the guise of anonymous were, essentially, controlled and directed by the FBI. the FBI even hosted servers for them to use in their operation.

    the first rule of hacking would seem to be - if someone asks you to do something illegal and stupid, it's probably an FBI sting operation.

  • by cold fjord (826450) on Sunday March 11, 2012 @11:51PM (#39323071)

    So tell us, what is the smart way to protest online ?

    Unfortunately any online action does involve 'pissing off' authorities, because they have made everything that hurts them illegal.

    I guess creating websites advocating for their position with clever videos, news, and so forth is too much? Discussion forums? Press releases? Blogs? Opinion pieces? Trading links with other like minded sites? Developing issue resource centers? Starting local discussion & action groups. Seeking sponsors to fund them and extend their reach?

    If they wanted to go a little shady, maybe advocacy spam?

    Lots they could do if they were dedicated without DDOS, cracking, and stealing credit card numbers.

  • by lightknight (213164) on Sunday March 11, 2012 @11:56PM (#39323097) Homepage

    1st Amendment. Just get a copy of a video of them engaging in some wayward action, and upload it to the web. They'll be laughed at for a week, then fired.

    If you want to piss off the (laughable) authorities, just post a copy of their wife engaging in some extramarital affair (happens often enough). They won't be able to touch you, and they'll busy with family problems for the next seven years or so.

  • by Raenex (947668) on Monday March 12, 2012 @12:09AM (#39323169)

    Why is a DDOS illegal, how is different that a RL protest outside a shop/factory ?

    You can't legally prevent other people from gaining access to the shop/factory with your protest, and that's why a denial of service attack is different.

  • Also (Score:4, Insightful)

    by Sycraft-fu (314770) on Monday March 12, 2012 @06:21AM (#39324601)

    People who whine about the Big Corps and CEOs and all that seem to forget that quite often what they were doing was NOT illegal. You cannot punish someone ex post facto in the US. You can't say "What you were doing was perfectly legal when you did it, but now we want it to be illegal so we are going to punish you." That isn't just a concept in US law, it is one of those things made explicit by the constitution. Some of it is still legal now (like high frequency trading).

    The feds do, in fact, go after CEOs engaged in illegal behaviour. Bernie Madoff would e the most high profile recent example, but there are more if you care to look in to it. They don't just go and arrest anyone that some random geeks feel were bad though.

Thufir's a Harkonnen now.

Working...