Hacker Arrests May Have Netted LulzSec Leader
The international dragnet by authorities yesterday that swept up 21 people suspected of taking part in "hacktivist" cyberattacks may also have netted a top-level LulzSec member.
London's Metropolitan Police e-Crime Unit arrested a 16-year-old male yesterday (July 19). Fox News cited unnamed sources who said the teenager was believed to be "Tflow," a heavy hitter in the tight-knit Lulz Security (LulzSec) group that spun off from the larger Anonymous movement months ago.
The Financial Times later independently quoted unnamed London police officials as saying the teenager was suspected of being Tflow.
The boy was being held at a London police station on suspicion of breaching the Computer Misuse Act.
Sixteen people were arrested by the FBI in the US yesterday, while Dutch police netted another four. The London teen was the sole British arrest.
Despite the assertions, however, it's uncertain whether the 16-year-old arrested is the real Tflow.
Who is Tflow?
The Anonymous dissident group Backtrace Security profiled LulzSec's core members based on leaked chat logs that emerged last month. Backtrace identified Tflow as a Web developer at the UK-based company Wikijob, and other posts by LulzSec's enemies have repeated the claim.
The man, whom we won't name here, identifies himself on his social networking profiles as a hacker, a Londoner and as someone who held a full-time job before going to university from 2007 to 2010. (British undergraduates normally go to college for three years.)
His LinkedIn profile and personal sites show a Middle Eastern or South Asian man in his 20s or 30s, not a 16-year-old boy.
Were any LulzSec hackers apprehended?
According to a report in The Atlantic Online, the suspected LulzSec and Anonymous member known as Topiary said in a public chatroom that no major Anonymous hackers were arrested in yesterday's dragnet.
"To be honest, I don't see a single major Anon hacker (or at least any hacker that's wrecked things for the entire year) come close to arrest," Topiary said.
Topiary pointed out that the FBI roundup targeted small fry: volunteers and supporters of Anonymous and LulzSec "who accidentally (or just foolishly) used LOIC from their home IPs."
The LOIC, or Low Orbit Ion Cannon, is a server-load-testing tool frequently misused in distributed denial-of-service (DDoS) attacks. But because LOIC was never designed to be used by hackers, it's actually pretty insecure: It gives its target servers the IP addresses of the computers attacking them.
That means that anyone using the LOIC without a proxy server to mask his IP address would be relatively easy for authorities to catch. It'd be like shooting a gun into a crowd in broad daylight without wearing a mask, on camera. By contrast, skilled hackers do their dirty work in the equivalent of dark rooms, wearing masks.
Reach out and steal something
Also included in yesterday's arrests was Lance Moore, a 21-year-old resident of Las Cruces, N.M., an AT&T employee accused of stealing confidential information from AT&T's servers.
Moore's arrest may have been precipitated by the arrest of Ryan Cleary, a 19-year-old member of both Anonymous and LulzSec who was detained June 20 at his home east of London.
Before Cleary's arrest, the Tech Herald spoke with Cleary. He admitted that an AT&T insider had leaked more than 60,000 phone numbers, as well as usernames and passwords of AT&T employees and technical documents and internal presentations.
If convicted, Moore faces 10 years in prison and a $250,000 fine.
Meanwhile, the real ringleaders of Anonymous and LulzSec remain untouched.
Famed former hacker Kevin Mitnick, who spent five years in prison for hacking into half a dozen major companies' servers during the 1990s, perhaps summed it up best.