News and speculation have been all a twitter this morning with the revelation that the FBI has arrested two alleged members of the group LulzSec and the hacktivist collective Anonymous on Thursday morning in Tempe, Arizona and San Francisco, California.
Court documents and charges have been filed against other hackers and search warrants are being executed in New Jersey, Minnesotaand Montana—all of this first reported on Foxnews.com, who had also been one of the targets of LulzSec during their 50-day rampage of high-profile hacks.
Alleged member of LulzSec and hacking suspect, Cody Andrew Kretsinger, a 23-year-old Temperesident, has been charged with one count of conspiracy and one count of computer fraud for his part in attacks against Sony’s servers. In the grand jury indictment filing his proper name and his hacker handle are listed: “CODY ANDREW KRETSINGER aka ‘recursion,’ Defendant.” This is the username he used to sign into virtual private network site hidemyass.com—a service supplied for people to avoid the censorship of the web and encrypt their Internet communication. Hidemyass.com has since posted their own commentary on what their service is about and when they’ll cooperate with authorities when people use their system for evil.
It is alleged that Kretsinger used the VPN service to cover his tracks while using SQL-injection attacks against Sony’s servers to breach their security and steal data from inside their network.
He also allegedly erased his hard drives and magnetic media in an effort to eliminate evidence of his hacks.
Earlier this year, Sony suffered massive compromises where hackers stole the data for over 75 million user accounts that caused Sony to shut down the PlayStation Network for over a month. LulzSec isn’t known to be connected to the initial hack; however, the hactivist group did take responsibility for a later hack that stole 1 million user credentials from Sony Pictures Entertainment.
After the hack attacks, Sony has faced a class action lawsuit from users who believe that their failure to properly secure their personal information opened them up to unnecessary harm. Sony estimates the hacks, the cleanup, the shutdown, and the lawsuit have cost them almost $170 million already. Recently, Sony changed the PlayStation 3 EULA and TOS to force users into individual arbitration to provide an obstacle against future class-action lawsuits.
News of the arrest in San Franciso affording the hacktivist from Anonymous seems a bit more sketchy. Foxnews.com reports, “[t]he suspected hacker is homeless and alleged to have been involved inSanta CruzCountygovernment website cyberattacks, an FBI official told FoxNews.com exclusively. That suspect appears to have been Doyon, though this couldn’t be immediately confirmed Thursday night.”
There’s no details on what hacks the Anonymous had been involved in or why the FBI targeted him.
All of these search warrants and arrest further the continuing arrests and charges levied against alleged members of LulzSec such as Topiary and raids and arrests against alleged members of Anonymous across the world such as 32 raids in Italy, arrests Hartlepool, UK, and the activities of other international authorities. Most of these arrests spurred against suspects involved in Distributed Denial of Service attacks against sites such as PayPal and others in the wake of the Wikileaks fiasco.