Five hackers associated with some of the most notorious cybercrimes in recent years were charged Tuesday after a key member of their loose-knit network was turned by the FBI and became a confidential informant, according to federal officials.
Federal prosecutors in New York unveiled the charges against five men — two from Britain, two from Ireland and one from Chicago — in connection with a string of cyber-assaults in which hackers stole confidential information from U.S. companies and temporarily shut down government Web sites.
In one of the most recent cases, the hackers are alleged to have provided e-mails from Stratfor, a private intelligence company with close links to the U.S. government, to the anti-secrecy group WikiLeaks, which in February began publishing the e-mails online.
Officials said Tuesday that investigators were led to the five men, affiliated with the hacking group Anonymous, by Hector Xavier Monsegur, a New York-based hacker who was arrested last June and began secretly working with the FBI to identify some of his cohorts.
“This is the most important roll-up of hackers ever,” said Richard Stiennon, a cybersecurity analyst who has closely followed Anonymous. He said the investigation has injected “distrust into Anonymous” and, as a consequence, the FBI may have “broken the back of the collective.”
The men were indicted on computer-hacking charges and other crimes by the U.S. Attorney’s Office for the Southern District of New York. It was unclear how many of the European suspects had been arrested.
Still, senior law enforcement officials said that the case will take “core members” of the group offline and that more charges could follow. Some of the men also were charged in hacking incidents carried out by an Anonymous offshoot called LulzSec.
“We think this is a significant case,” said a federal law enforcement official, who spoke on the condition of anonymity because the investigation is ongoing. “It involves very significant hacks and cyberattacks that affected over a million victims.”
A second official said Monsegur, who lives in public housing on Manhattan’s Lower East Side, was identified after an apparent slip-up in which he did not mask his Internet protocol address while he was online. Officials said the prospect of a long prison sentence later convinced him to cooperate with the FBI.
On Tuesday, some Anonymous activists fumed at what they saw as a betrayal by Monsegur, known online by the handle Sabu.
“A lot of people are angry,” said Gregg Housh, a former Anonymous activist who is in touch with members. “Somebody asked me if I thought the FBI was giving him protection or not because, this person said, he’s going to need it.”
Monsegur, who had 45,000 Twitter followers, was adept at firing up members to disrupt government and corporate Web sites by overwhelming servers with requests for access, causing them to crash, Housh said.
Before his arrest, which was made public Tuesday, Monsegur briefly participated in retaliatory attacks on the Web sites of Visa, MasterCard and PayPal after those organizations stopped processing transactions for WikiLeaks. He was charged with computer hacking and other crimes.
“Sabu was everywhere,” Housh said. “People wanted to talk to him.” Now anyone who chatted with him online is trying to erase any track — deleting data on hard drives and ditching computers.“People are heading for the hills to hide out for a few weeks.”
Among those arrested Tuesday was Jeremy Hammond of Chicago, who is accused of breaking into the computer systems of Austin-based Stratfor. Hammond was a member of AntiSec, an offshoot of Anonymous, and was previously convicted of hacking into an unspecified politically conservative Web site, according to the federal complaint.
In an online chat from July 2011 cited in court documents, Hammond described himself as a “freegan,” someone who practices “eating and reclaiming food that has been discarded.”The documents noted that “in conducting surveillance, agents have seen Hammond going into dumpsters to get food.”
The other men charged Tuesday were identified as Donncha O’Cearrbhail of Birr, Ireland; Ryan Ackroyd of Doncaster, England; Jake Davis of the Shetland Islands, Scotland; and Darren Martyn of Galway, Ireland.
O’Cearrbhail, a 19-year-old university student, is alleged to have secretly recorded and disseminated audio from a January conference call in which FBI and European police officials discussed investigations of Anonymous and affiliated groups.
U.S. prosecutors alleged that O’Cearrbhail got access to the personal e-mail account of an Irish police officer who had forwarded work e-mails to his Gmail account. That allowed O’Cearrbhail, prosecutors said, to access the call-in number and password for the conference call.
He also was involved with hacking the Fox Broadcasting Company computer servers and obtaining the names, addresses and phone numbers of 75,000 potential contestants on the television show “X-Factor.”
A law enforcement official said the case exposes the world of ideologically motivated cyber-activists who are hostile to authority.
“These groups operate in a loose confederation,” he said. “These people know each other only through chats on machines and operate countries apart. They were in the U.K., Ireland and the U.S. But they feel very bonded to each other.”
Staff researcher Julie Tate and staff writer Ian Shapira contributed to this report.