The Washington Post

5 alleged members of Anonymous hacking group charged

Five hackers associated with some of the most notorious cybercrimes in recent years were charged Tuesday after a key member of their loose-knit network was turned by the FBI and became a confidential informant, according to federal officials.

Federal prosecutors in New York unveiled the charges against five men — two from Britain, two from Ireland and one from Chicago — in connection with a string of cyber-assaults in which hackers stole confidential information from U.S. companies and temporarily shut down government Web sites.

In one of the most recent cases, the hackers are alleged to have provided e-mails from Stratfor, a private intelligence company with close links to the U.S. government, to the anti-secrecy group WikiLeaks, which in February began publishing the e-mails online.

Officials said Tuesday that investigators were led to the five men, affiliated with the hacking group Anonymous, by Hector Xavier Monsegur, a New York-based hacker who was arrested last June and began secretly working with the FBI to identify some of his cohorts.

“This is the most important roll-up of hackers ever,” said Richard Stiennon, a cybersecurity analyst who has closely followed Anonymous. He said the investigation has injected “distrust into Anonymous” and, as a consequence, the FBI may have “broken the back of the collective.”

The men were indicted on computer-hacking charges and other crimes by the U.S. Attorney’s Office for the Southern District of New York. It was unclear how many of the European suspects had been arrested.

Still, senior law enforcement officials said that the case will take “core members” of the group offline and that more charges could follow. Some of the men also were charged in hacking incidents carried out by an Anonymous offshoot called LulzSec.

“We think this is a significant case,” said a federal law enforcement official, who spoke on the condition of anonymity because the investigation is ongoing. “It involves very significant hacks and cyberattacks that affected over a million victims.”

A second official said Monsegur, who lives in public housing on Manhattan’s Lower East Side, was identified after an apparent slip-up in which he did not mask his Internet protocol address while he was online. Officials said the prospect of a long prison sentence later convinced him to cooperate with the FBI.

On Tuesday, some Anonymous activists fumed at what they saw as a betrayal by Monsegur, known online by the handle Sabu.

“A lot of people are angry,” said Gregg Housh, a former Anonymous activist who is in touch with members. “Somebody asked me if I thought the FBI was giving him protection or not because, this person said, he’s going to need it.”

Monsegur, who had 45,000 Twitter followers, was adept at firing up members to disrupt government and corporate Web sites by overwhelming servers with requests for access, causing them to crash, Housh said.

Before his arrest, which was made public Tuesday, Monsegur briefly participated in retaliatory attacks on the Web sites of Visa, MasterCard and PayPal after those organizations stopped processing transactions for WikiLeaks. He was charged with computer hacking and other crimes.

“Sabu was everywhere,” Housh said. “People wanted to talk to him.” Now anyone who chatted with him online is trying to erase any track — deleting data on hard drives and ditching computers.“People are heading for the hills to hide out for a few weeks.”

Among those arrested Tuesday was Jeremy Hammond of Chicago, who is accused of breaking into the computer systems of Austin-based Stratfor. Hammond was a member of AntiSec, an offshoot of Anonymous, and was previously convicted of hacking into an unspecified politically conservative Web site, according to the federal complaint.

In an online chat from July 2011 cited in court documents, Hammond described himself as a “freegan,” someone who practices “eating and reclaiming food that has been discarded.”The documents noted that “in conducting surveillance, agents have seen Hammond going into dumpsters to get food.”

The other men charged Tuesday were identified as Donncha O’Cearrbhail of Birr, Ireland; Ryan Ackroyd of Doncaster, England; Jake Davis of the Shetland Islands, Scotland; and Darren Martyn of Galway, Ireland.

O’Cearrbhail, a 19-year-old university student, is alleged to have secretly recorded and disseminated audio from a January conference call in which FBI and European police officials discussed investigations of Anonymous and affiliated groups.

U.S. prosecutors alleged that O’Cearrbhail got access to the personal e-mail account of an Irish police officer who had forwarded work e-mails to his Gmail account. That allowed O’Cearrbhail, prosecutors said, to access the call-in number and password for the conference call.

He also was involved with hacking the Fox Broadcasting Company computer servers and obtaining the names, addresses and phone numbers of 75,000 potential contestants on the television show “X-Factor.”

A law enforcement official said the case exposes the world of ideologically motivated cyber-activists who are hostile to authority.

“These groups operate in a loose confederation,” he said. “These people know each other only through chats on machines and operate countries apart. They were in the U.K., Ireland and the U.S. But they feel very bonded to each other.”

Staff researcher Julie Tate and staff writer Ian Shapira contributed to this report.

Sari Horwitz covers the Justice Department and criminal justice issues nationwide for The Washington Post, where she has been a reporter for 30 years.

The Freddie Gray case

Please provide a valid email address.

You’re all set!

Campaign 2016 Email Updates

Please provide a valid email address.

You’re all set!

Get Zika news by email

Please provide a valid email address.

You’re all set!
Show Comments

Sign up for email updates from the "Confronting the Caliphate" series.

You have signed up for the "Confronting the Caliphate" series.

Thank you for signing up
You'll receive e-mail when new stories are published in this series.
Most Read



Success! Check your inbox for details.

See all newsletters

Close video player
Now Playing

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.