Lulz Security | |
---|---|
Lulz Security logo |
|
Abbreviation | LulzSec |
Motto | "The world's leaders in high-quality entertainment at your expense" |
Formation | May 2011 |
Type | Hacking |
Affiliations | Anonymous, LulzRaft, AntiSec |
Volunteers | 6 |
Website | lulzsecurity.com |
Lulz Security, commonly abbreviated as LulzSec, was a computer hacker group that claims responsibility for several high profile attacks, including the compromise of user accounts from Sony Pictures in 2011. The group also claimed responsibility for taking the CIA website offline.[1] The group has been described as a "cyber terrorism group" by the Arizona Department of Public Safety after their systems were compromised and information leaked.[2] Other security professionals have applauded LulzSec for drawing attention to insecure systems and the dangers of password reuse.[3] It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks.
At just after midnight (BST, UT+01) on 26 June 2011, LulzSec released a "50 days of lulz" statement, which they claimed to be their final release, confirming that LulzSec consisted of six members, and that their website is to be taken down.[4] This breaking up of the group was unexpected.[5] The release included accounts and passwords from many different sources. Despite claims of retirement, the group committed another hack against newspapers owned by News Corporation on 18 July, defacing them with false reports regarding the death of Rupert Murdoch. The London Metropolitan Police has announced the arrests of two teenagers they allege are LulzSec members T-flow and Topiary. The group helped launch Operation AntiSec, a joint effort involving LulzSec, Anonymous, and other hackers.
Contents |
LulzSec draws its name from the neologism "Lulz", (from LOLs), "laughing out loud", which often signifies laughter at the victim of a prank, and "Sec," short for "Security". The Wall Street Journal has characterized its attacks as closer to Internet pranks rather than serious cyber-warfare,[6] while the group itself claims to possess the capability of stronger attacks.[7] It has gained attention in part due to its brazen claims of responsibility and lighthearted taunting of corporations that have been hacked. It frequently refers to Internet memes when defacing websites. The group first emerged in May 2011, and has successfully attacked the websites of several major corporations.[6] It specializes in finding websites with poor security, and then stealing and posting information from them online. It has used well-known straightforward methods, such as SQL injection, to attack its target websites.[8] Several media sources have described their tactics as grey hat hacking.[8][9][10] Members of the group may have been involved in a previous attack against the security firm HBGary.[11]
The group has used the motto "Laughing at your security since 2011!" and its website, created in June 2011, plays the theme from The Love Boat.[6] It announces its exploits via Twitter and its own website, often accompanied with lighthearted ASCII art drawings of boats. Its website also includes a Bitcoin donation to help fund its activities.[12] Although exact motivation of the group is unknown,[8] Ian Paul of PC World has written that, "As its name suggests, LulzSec claims to be interested in mocking and embarrassing companies by exposing security flaws rather than stealing data for criminal purposes."[13] The group has also been critical of white hat hackers, claiming that many of them have been corrupted by their employers.[6]
Some in the security community have lauded them for raising awareness of the widespread lack of effective security against hackers.[14] They have also been credited with inspiring LulzRaft, a group which has been implicated in several high-profile website hacks in Canada.[15]
The group's first recorded attack was against Fox.com's website. It claimed responsibility for leaking information, including passwords, altering several employees' LinkedIn profiles, and leaking a database of X Factor contestants containing contact information of 73,000 contestants.[16][17] They claimed to do so because the rapper Common had been referred to as "vile" on air.[18]
The group has begun taking suggestions for sites to hit with denial-of-service attacks.[19] The group has also been redirecting telephone numbers to different customer support lines, including the line for World of Warcraft, magnets.com, and the FBI Detroit office. The group claims this sends five to 20 calls per second to these sources, overwhelming their support officers.[20] On 24 June 2011, The Guardian released leaked logs of the one of the group's IRC chats, revealing that the core group is a small group of hackers with a leader Sabu who exercises large control over the group's activities. It also reveals that the group has connections with Anonymous, though is not formally affiliated with it. Some LulzSec members had once been prominent Anonymous members, including member Topiary.[21]
At just after midnight (GMT) on 26 June 2011, LulzSec released a "50 days of lulz" statement, which they claimed to be their final release, confirming that LulzSec consisted of six members, and that their website is to be taken down.[22] The group claimed that they had planned to be active for only fifty days from the beginning.[23] "We're not quitting because we're afraid of law enforcement. The press are getting bored of us, and we're getting bored of us." a group member said in an interview to The Associated Press.[24] Members of the group have been reported to have joined with Anonymous members to continue the AntiSec operation.[25] However, despite claiming to retire, the group attacked the websites of British newspaper The Times and The Sun on 18 July, leaving a false story on the death of owner Rupert Murdoch.[26]
LulzSec consists of six core members.[22] The online handles of these six have been established through various attempts by other hacking groups to release personal information of group members on the internet, leaked IRC logs given to The Guardian, and through confirmation from the group itself.[27]
Associates and former members include:
. /$$ /$$ /$$$$$$ .| $$ | $$ /$$__ $$ .| $$ /$$ /$$| $$ /$$$$$$$$| $$ \__/ /$$$$$$ /$$$$$$$ .| $$ | $$ | $$| $$|____ /$$/| $$$$$$ /$$__ $$ /$$_____/ .| $$ | $$ | $$| $$ /$$$$/ \____ $$| $$$$$$$$| $$ .| $$ | $$ | $$| $$ /$$__/ /$$ \ $$| $$_____/| $$ .| $$$$$$$$| $$$$$$/| $$ /$$$$$$$$| $$$$$$/| $$$$$$$| $$$$$$.$ .|________/ \______/ |__/|________/ \______/ \_______/ \_______/ //Laughing at your security since 2011! + __ )| ________________________.------,_ _ _/o|_____/ ,____________.__;__,__,__,__,_Y...:::---===````// #anonymous |==========\ ; ; ; ; ; \__,__\__,_____ --__,-.\ OFF (( #anarchists `----------|__,__/__,__/__/ )=))~(( '-\ THE \\ #antisec \ ==== \ \\~~\\ \ PIGS \\ #lulzsec `| === | ))~~\\ ```"""=,)) #fuckfbifriday | === | |'---') #chingalamigra / ==== / `=====' ´------´
LulzSec does not appear to hack for financial profit.[38] The group's claimed main motivation is to have fun by causing mayhem.[39] They do things "for the lulz" and focus on the possible comedic and entertainment value of attacking targets.[40] The group occasionally has claimed a political message. When they hacked PBS, they stated they did so in retaliation for what they perceived as unfair treatment of Wikileaks in a Frontline documentary entitled WikiSecrets. A page they inserted to the PBS website included the title "FREE BRADLEY MANNING. FUCK FRONTLINE!"[41] The 20 June announcement of "Operation Anti-Security" contained justification for attacks on government targets, citing supposed government efforts to "dominate and control our Internet ocean" and accusing them of corruption and breaching privacy.[42] The media has most often described them as grey hat hackers.[8][39]
Karim Hijazi, CEO of security company Unveillance, has accused the group of blackmailing him by offering not to attack his company or its affiliates in exchange for money.[43] LulzSec responded by claiming that Hijazi offered to pay them to attack his business opponents and that they never intended to take any money from him.[44] LulzSec has denied responsibility for misuse of any of the data they breach and release. Instead, they place the blame on users who reuse passwords on multiple websites and on companies with inadequate security in place.[45]
In June 2011, the group released a manifesto outlining why they perform hacks and website takedowns. In it they reiterated that "we do things just because we find it entertaining" and that watching the results can be "priceless".[46] However, they also claim to be drawing attention to computer security flaws and holes. They contend that many other hackers exploit and steal user information without releasing the names publicly or telling people they may possibly have been hacked. LulzSec said that by releasing lists of hacked usernames or informing the public of vulnerable websites, it gives users the opportunity to change names and passwords elsewhere that might otherwise have been exploited, and businesses will be alarmed that they should upgrade their security.[46]
The group's latest attacks have had a more political tone. They claim to want to expose the "racist and corrupt nature" of the military and law enforcement. They have also expressed opposition to the War on Drugs.[47] Lulzsec's Operation Anti-Security has been characterized as a protest against government censorship and monitoring of the internet.[48] In a question and answer session with BBC Newsnight, LulzSec member Whirlpool said, "Politically motivated ethical hacking is more fulfilling". He claimed the loosening of copyright laws and the rollback of what he sees as corrupt racial profiling practices as some of the group's issues.[49]
The group's first attacks came in May 2011. Their first recorded target was Fox.com, which they retaliated against after they called Common, a rapper and entertainer, "vile" on the Fox News Channel. They leaked several passwords, LinkedIn profiles, and the names of 73,000 X Factor contestants. Soon after on 15 May, they released the transaction logs of 3,100 Automated Teller Machines in the United Kingdom.[18][40] In May 2011, members of Lulz Security gained international attention for hacking into the American Public Broadcasting System (PBS) website. They stole user data and posted a fake story on the site which claimed that Tupac Shakur and Biggie Smalls were still alive and living in New Zealand. In the aftermath of the attack, CNN referred to the responsible group as the "Lulz Boat".[50]
Lulz Security claimed that some of its hacks, including its attack on PBS, were motivated by a desire to defend WikiLeaks and Bradley Manning.[51] A Fox News report on the group quoted one commentator, Brandon Pike, who claimed that Lulz Security is affiliated with the hacktivist group Anonymous. Lulz Security claimed that Pike had actually hired it to hack PBS. Pike denied the accusation and claims it was leveled against him because he said Lulz Security was a splinter of Anonymous.[52]
In June 2011, members of the group claimed responsibility for an attack against Sony Pictures that took data that included "names, passwords, e-mail addresses, home addresses and dates of birth for thousands of people."[53] The group claimed that it used a SQL injection attack,[54] and was motivated by Sony's legal action against George Hotz for jailbreaking into the PlayStation 3. The group claims it will launch an attack that will be the "beginning of the end" for Sony.[55] Some of the compromised user information has since been used in scams.[56] The group claimed to have compromised over 1,000,000 accounts, though Sony claims the real number was around 37,500.[57]
Lulz Security attempted to hack into Nintendo, but both the group and Nintendo itself report that no particularly valuable information was found by the hackers.[58] LulzSec claims that it did not mean to harm Nintendo, declaring: "We're not targeting Nintendo. We like the N64 too much — we sincerely hope Nintendo plugs the gap."[59]
On 8 June 2011, LulzSec hacked into the website of Black & Berg Cybersecurity Consulting, a small network security company, and changed the image displayed on their front page to one containing the LulzSec logo. They did so after the company had issued a "Cybersecurity For The 21st Century, Hacking Challenge", in which they challenged hackers to hack the site and alter the homepage graphic. The intrusion came after Joe Black, an owner of the company posted the message "Black & Berg Cybersecurity Consulting appreciate all the hard work that you're putting in. Your Hacking = Clients for us. Thx" to the LulzSec Twitter account. Though Black & Berg offered a prize of $10,000 and a position with the company for the successful hack, members of LulzSec declined the offer.[60] Instead, the website contained the reply "DONE, THAT WAS EASY. KEEP THE MONEY, WE DO IT FOR THE LULZ".[61]
On 11 June, reports emerged that LulzSec reportedly hacked into and stole user information from the pornography website www.pron.com. They obtained and published around 26,000 e-mail addresses and passwords. Among the information stolen are records of two users who subscribed using email addresses associated with the Malaysian government, three users who subscribed using United States military email addresses and 55 users who LulzSec claimed were administrators of other adult-oriented websites. Following the breach, Facebook locked the accounts of all users who had used the published e-mail addresses, and also blocked new Facebook accounts opened using the leaked e-mail addresses. They feared that users of the site would get hacked after LulzSec encouraged people to try and see if these people used identical user name and password combinations on Facebook as well.[62]
LulzSec hacked into the Bethesda Game Studios network and posted information taken from the network onto the Internet, though they refrained from publishing 200,000 compromised accounts.[63] LulzSec posted the following message to Twitter regarding the attack, "Bethesda, we broke into your site over two months ago. We've had all of your Brink users for weeks, Please fix your junk, thanks!"[64]
On 14 June, LulzSec took down four websites by request of fans as part of their "Titanic Take-down Tuesday". These websites were Minecraft, League of Legends, The Escapist, and IT security company FinFisher.[65] They also attacked the login servers of the massively multiplayer online game EVE Online, which also disabled the game's front-facing website, and the League of Legends login servers. Most of the takedowns were performed with distributed denial-of-service attacks.[66] On 15 June, LulzSec took down the main server of S2 Games' Heroes of Newerth as another phone request. They claimed, "Heroes of Newerth master login server is down. They need some treatment. Also, DotA is better."[67]
On 16 June, LulzSec posted a random assortment of 62,000 emails and passwords to MediaFire. LulzSec states they released this in return for supporters flooding the 4chan /b/ board.[68] The group did not say what websites the combinations were for and encouraged followers to plug them into various sites until they gained access to an account. Some have reported gaining access to Facebook accounts and changing images to sexual content and others to using the Amazon.com accounts of others to purchase several books.[69] Writerspace.com, a literary website, later admitted that the addresses and passwords came from users of their site.[70]
LulzSec claims to have hacked local InfraGard chapter sites, a non-profit organization affiliated with the FBI.[6] The group leaked some of InfraGard member e-mails and a database of local users.[71] The group defaced the website posting the following message, "LET IT FLOW YOU STUPID FBI BATTLESHIPS," accompanied with a video. LulzSec has posted the following message regarding the attack:
"It has come to our unfortunate attention that NATO and our good friend Barrack Osama-Llama 24th-century Obama [sic] have recently upped the stakes with regard to hacking. They now treat hacking as an act of war. So, we just hacked an FBI affiliated website (Infragard, specifically the Atlanta chapter) and leaked its user base. We also took complete control over the site and defaced it [...]."[72]
On 9 June, LulzSec sent an email to the administrators of the British National Health Service, informing them of a security vulnerability discovered in NHS systems. LulzSec stated that they did not intend to exploit this vulnerability, saying in the email that "We mean you no harm and only want to help you fix your tech issues."[73]
On 13 June, LulzSec released the e-mails and passwords of a number of users of senate.gov, the website of the United States Senate.[74] The information released also included the root directory of parts of the website. LulzSec stated, "This is a small, just-for-kicks release of some internal data from senate.gov — is this an act of war, gentlemen? Problem?" referencing a recent statement by the Pentagon that some cyberattacks could be considered an act of war. No highly sensitive information appears in the release.[75]
On 15 June, LulzSec launched an attack on www.cia.gov, the public website of the United States Central Intelligence Agency, taking the website offline with a distributed denial-of-service attack.[76] The website was down from 5:48 pm to 8:00 pm eastern time.[77]
On 2 December, an offshoot of LulzSec calling itself LulzSec Portugal attacked several sites related to the government of Portugal. The websites for the Bank of Portugal, the Assembly of the Republic, and the Ministry of Economy, Innovation and Development all became unavailable for a few hours.[78]
On 20 June, the group announced it had teamed up with Anonymous for "Operation Anti-Security". They encouraged supporters to hack into, steal, and publish classified government information from any source while leaving the term "Antisec" as evidence of their intrusion. Also listed as potential targets were major banks.[42] USA Today characterized the operation as an open declaration of cyberwarfare against big government and corporations.[79] Their first target of the operation was the Serious Organised Crime Agency (SOCA), a national law enforcement agency of the United Kingdom. LulzSec claimed to have taken the website offline at about 11 am EST on 20 June 2011, though it only remained down for a few minutes.[80] While the attack appeared to be a DDoS attack, LulzSec tweeted that actual hacking was taking place "behind the scenes". At about 6:10 pm EST on 20 June, SOCA's website went down yet again.[81] SOCA's website was back online sometime between 20 and 21 June.[82] The website of the local district government of Jianhua District in Qiqihar, China, was also knocked offline.[83] Early in the morning on 22 June, it was revealed that LulzSec's "Brazilian unit" had taken down two Brazilian government websites, brasil.gov.br and presidencia.gov.br.[84][85] They also brought down the website of Brazilian energy company Petrobras.[86]
On 20 June, two members on the "Lulz Boat" reportedly leaked logs that LulzSec was going to leak on 21 June. They also claimed that the two had leaked information that aided authorities in locating and arresting Ryan Cleary, a man loosely affiliated with the group.[87] LulzSec posted various personal information about the two on Pastebin including IP addresses and physical addresses. Both had been involved with cyber-crimes in the past, and one had been involved with hacking the game Deus Ex.[88]
After LulzSec encouragement, some began tagging public locations with physical graffiti reading "Antisec" as part of the operation. Numerous beachfronts in Mission Beach, San Diego were vandalized with the phrase.[89] Some local news organizations mistook the graffiti in Mission Beach as signs of the Antisec Movement. Many commenters on the local news websites corrected this.[90]
On 23 June, LulzSec released a number of documents pertaining to the Arizona Department of Public Safety, which they titled "chinga la migra", which roughly translates to "fuck the border patrol". The leaked items included email addresses and passwords, as well as hundreds of documents marked "sensitive" or "for official use only". LulzSec claimed that this was in protest of the law passed in Arizona requiring some aliens to carry registration documents at all times.[91][92] Arizona officials have confirmed the intrusion.[93] Arizona police have complained that the release of officer identities and the method used to combat gangs could endanger the lives of police officers.[94]
On 24 June 2011, LulzSecBrazil published what they claimed were access codes and passwords that they used to access the Petrobras website and employee profile data they had taken using the information. Petrobras denied that any data had been stolen, and LulzSecBrazil removed the information from their Twitter feed a few hours later.[95] The group also released personal information regarding President of Brazil Dilma Rousseff and Mayor of São Paulo Gilberto Kassab.[96]
On 25 June 2011, LulzSec released what they described as their last data dump. The release contained an enormous amount of information from various sources. The files contained a half gigabyte of internal information from telecommunication company AT&T, including information relating to its release of 4G LTE and details pertaining to over 90,000 personal phones used by IBM. The IP addresses of several large corporations including Sony, Viacom, and Disney, EMI, and NBC Universal were included.[97][98] It also contained over 750,000 username and password combinations from several websites,[98] including 200,000 email addresses, usernames, and encrypted passwords from hackforums.net; 12,000 names, usernames, and passwords of the NATO online bookshop; half a million usernames and encrypted passwords of players of the online game Battlefield Heroes; 50,000 usernames, email addresses, and encrypted passwords of various video game forum users; and 29 users of Priority Investigations, an Irish private investigation company. Also included were an internal manual for AOL engineering staff and a screencapture of a vandalized page from navy.mil, the website of the United States Navy.[97] Members of the group continued the operation with members of Anonymous after disbanding.[25]
Despite claiming to have retired, on 18 July LulzSec hacked into the website of British newspaper The Sun.[26] The group redirected the newspaper's website to an also-hacked redesign website of another newspaper The Times, altering the site to resemble The Sun and posting a fake story claiming that Rupert Murdoch had died after ingesting a fatal dose of palladium.[99] They objected to the involvement of News Corporation, the Murdoch-owned company that publishes The Sun and The Times, in a large phone hacking scandal. The hacked website also contained a webcomic depicting LulzSec deciding on and carrying out the attack.[26][100] The group later redirected The Sun website to their Twitter feed. News International released a statement regarding the attacks before having the page the statement appeared on also redirected to the LulzSec Twitter page and eventually taken offline. The group also released the names and phone numbers of a reporter for The Sun and two others associated with the newspaper and encouraged their supporters to call them. They further included an old email address and password of former News International executive Rebekah Brooks.[101] News Corporation took the websites offline as a precaution later in the day.[102]
The media reported a number of attacks, originally attributed to LulzSec, that the group later denied involvement in. On 21 June, someone claiming to be from the group posted on Pastebin that they had stolen the entire database of the United Kingdom Census 2011. LulzSec responded by saying that they had obtained no such data and that whoever posted the notice was not from the group. British officials say that they are investigating the incident but have found no evidence that any databases had been compromised or any information taken.[103] The British government, upon concluding their investigation, called the claims that any information on the census was taken a hoax.[104]
In June 2011, assets belonging to newspaper publisher News International were attacked, apparently in retaliation for reporting by The Sun of the arrest of Ryan Cleary, an associate of the group. The newspaper's website and a computer used in the publishing process of The Times were attacked.[105] However LulzSec denied any involvement, stating "we didn't attack The Sun or The Times in any way with any kind of DDoS attack".[106]
A number of different hackers have targeted LulzSec and its members in response to their activities. On 23 June 2011, Fox News reported that rival hacker group TeaMp0isoN were responsible for outing web designer and alleged LulzSec member Sven Slootweg, who they said used the online nickname Joepie91,[107] and that they have intentions to do the same with every member.[108] The group has expressed being motivated by what they perceive as LulzSec's low hacking abilities, bringing them media attention they do not deserve. One member of the group, Hex0010, proclaimed "We're here to show the world that they're nothing but a bunch of script kiddies. You think, 'I'm a bad-ass hacker because I can knock someone offline for a few minutes.' That's bullshit. Come on."[109]
A group calling themselves Team Web Ninjas appeared in June 2011 saying they were angry over LulzSec release of the e-mail addresses and passwords of thousands of normal Internet users. They have attempted to publicly identify the online and real world identities of LulzSec leadership and claim to do so on behalf of the group's victims.[110] The group has claimed to have identified and given to law enforcement the names of a number of the group's members, including someone they claim is a United States Marine.[109]
The Jester, a hacker who generally goes by the leetspeak handle th3j35t3r
, has vowed to find and expose members of LulzSec.[94] Claiming to perform hacks out of a sense of American patriotism,[111] he has attempted to obtain and publish the real world personally identifiable information of key members, whom he describes as "childish".[110] On 24 June 2011, he claimed to have revealed the identity of LulzSec leader Sabu as an information technology consultant possibly from New York City.[112] On 24 June 2011, a hacker allegedly going by the name Oneiroi briefly took down the LulzSec website in what he labelled "Operation Supernova".[113] The Twitter page for the group also briefly became unavailable.[114]
On 24 June 2011, The Guardian published leaked logs from one of the group's IRC channels.[115] The logs were supposedly leaked by a disgruntled former member of the group who goes by the nickname m_nerva.[21] After confirming that these leaked logs were indeed theirs, and that the logs revealed personal information on two members who had recently left the group due to the implications of attacking the FBI website, LulzSec went on to threaten m_nerva on their Twitter feed.[21] LulzSec claimed that the logs were not from one of their core chatting channels, but rather a secondary channel used to screen potential backups and gather research.[21]
A short time before LulzSec claimed to be disbanding, a group calling itself the A-Team posted what they claimed was a full list of LulzSec members online along with numerous chat logs of the group communicating with each other. A rival hacker going by the name of TriCk also claimed to be working to reveal the group's identities and claimed that efforts on the part of rival hackers had pushed the group to disband for fear of being caught.[116]
On 21 June 2011, the Metropolitan Police announced that they had arrested a 19 year old man from Wickford, Essex, named by LulzSec and locally as Ryan Cleary,[117] as part of an operation carried out in cooperation with the FBI.[118] The suspect was arrested on charges of computer misuse and fraud,[119] and later charged with five counts of computer hacking under the Criminal Law Act and the Computer Misuse Act.[33] News reports described him as an alleged member of LulzSec.[120] LulzSec have since denied the man arrested was a member.[121] A member of LulzSec claimed that the suspect was not part of the group, but did host one of its IRC channels on his server.[34] British police representatives have confirmed that he is being questioned regarding alleged involvement in LulzSec attacks against the Serious Organized Crime Agency (SOCA) and other targets. They also questioned him regarding an attack on the International Federation of the Phonographic Industry in November 2010.[33] On 25 June 2011 the court released Cleary under the bail conditions that he did not leave his house without his mother and did not use any device connected to the internet. He had been diagnosed the previous week with Asperger syndrome.[122]
At around the same time as Cleary's arrest, Federal Bureau of Investigation agents raided the Reston, Virginia facility of Swiss web hosting service DigitalOne.[123] The raid took several legitimate websites offline for hours as the agency looked for information on an undisclosed target.[124] Media reports have speculated that the raid may have been related to the LulzSec investigation.[123]
After LulzSec hacked into Arizona Department of Public Safety databases, law enforcement activated the Arizona Counter Terrorism Information Center. All Department of Public Safety employees had remote access of their email accounts suspended. Officers that had their personal information and that of their families released publicly were given additional protection.[125] They further reiterated that, despite having disbanded, members of LulzSec were still being pursued for criminal prosecution.[126]
A few days before LulzSec disbanded, the FBI executed a search warrant on an Iowa home rented by Laurelai Bailey. Authorities interviewed her for five hours and confiscated her hard drives, camera, and other electronic equipment, but no charges were filed. Bailey denied being a member of the group, but did admit to chatting with members of LulzSec online and later leaking those chats.[127] They were interested in having her infiltrate the group, but Bailey claimed that the members hated her and would never let her in.[128] The questioning by the FBI led a local technical support company to fire Laurelai, claiming that she had embarrassed the company.[129][130]
On 27 June 2011, the FBI executed another search warrant in Hamilton, Ohio. The local media connected the raid to the LulzSec investigation; however, the warrant is sealed, the name of the target was not revealed, and the FBI office in Cincinnati refused to comment on any possible connection between the group and the raid.[131] No one in the residence was charged with a crime after the FBI served the warrant.[132] Some reports suggested the house may belong to former LulzSec member m_nerva, who leaked a number of the group's logs to the press, and information leading to the warrant supplied by Ryan Cleary.[133]
On 19 July 2011, the London Metropolitan Police announced the arrest of LulzSec member Tflow. A 16 year-old male was arrested in South London on charges of violating the Computer Misuse Act as part of an operation involving the arrest of several other hackers affiliated with Anonymous in the United States and United Kingdom.[32][134] LulzSec once again denied that any of their membership had been arrested, stating "there are six of us, and we're all still here."[135]
On the same day, the FBI arrested 21-year-old Lance Moore in Las Cruces, New Mexico. He was accused of stealing thousands of documents and applications from AT&T that LulzSec published as part of their so called "final release".[135] The FBI also arrested Scott Arciszewski, a 21-year old University of Central Florida student. The criminal complaint against him claims that he hacked into and uploaded malicious files to the InfraGard website; he then informed LulzSec of the vulnerabilities he had inserted, allowing them to hack into the website as well.[136]
The Police Central E-Crime Unit arrested an 18-year-old man from Shetland on 27 July 2011 suspected of being LulzSec member Topiary. They also searched the house of and interviewed a 17-year-old from Lincolnshire possibly connected to the investigation.[30] Scotland Yard later identified the man arrested as Yell, Shetland resident Jake Davis. He was charged with unauthorized access of a computer under the Computer Misuse Act 1990, encouraging or assisting criminal activity under the Serious Crime Act 2007, conspiracy to launch a denial-of-service attack against the Serious Organised Crime Unit contrary to the Criminal Law Act 1977, and criminal conspiracy also under the Criminal Law Act 1977.[137] Police confiscated a Dell laptop and a 100-gigabyte hard drive that ran 16 different virtual machines. Details relating to an attack on Sony and hundreds of thousands of email addresses and passwords were found on the computer.[138] A London court released Davis on bail under the conditions that he live under curfew with his parents and have no access to the internet. His lawyer Gideon Cammerman stated that, while his client did help publicize LulzSec and Anonymous attacks, he lacks the technical skills to have been anything but a sympathizer.[138]
In early September 2011, Scotland Yard made two further arrests relating to LulzSec. Police arrested a 24-year-old male in Mexborough, South Yorkshire and a 20-year-old male in Warminster, Wiltshire. The two are accused of conspiring to commit offenses under the Computer Misuse Act of 1990; police said that the arrests related to investigations into LulzSec member Kayla.[139]
On 22 September 2011, the FBI arrested Cody Kretsinger, a 23-year-old from Phoenix, Arizona who has been indicted on charges of conspiracy and the unauthorized impairment of a protected computer. He is suspected of using the name recursion and assisting LulzSec in their early hack against Sony Pictures Entertainment, though he allegedly erased the hard drives he used to carry out the attack.[140] Kretsinger was released on his own recognizance under the conditions that he not access the internet except while at work and that he not travel to any states other than Arizona, California, or Illinois. The case against him was filed in Los Angeles, where Sony Pictures is located.[141]
|