select search filters
briefings
roundups & rapid reactions
before the headlines
Fiona fox's blog
LulzSec are a group of hackers, affiliated to the Anonymous group, whose leader was arrested by the FBI and cooperated to give information about other hackers.
Professor Alan Woodward, Department of Computing at the University of Surrey, said:
“The hacker group Lulzsec have been relatively quiet since the middle of 2011, which matches with today’s reports of when the leader of this group was arrested. Lulzsec was always thought to be an offshoot of Anonymous, who have continued to be active during this period, so again it would appear to match well with what we thought.
“Judging by the level of activity this morning, where hackers have been pasting personal information about the person reported as having turned witness to implicate other hackers, it would appear that there is a considerable rift inside these groups. The hackers are certainly acting as if they feel they have betrayed by one of their own.
“Lulzsec was an offshoot of Anonymous. The leader Lulzsec went by the online name of Sabu and the security community has known his real identity for some time. However, it was played down until now. Having been secretly arrested last year and having pled guilty to computer hacking, he was giving protection as a witness to enable the FBI, Met Police and Garde to use information he provided to round up those he had implicated. Now the Lulzsec group has effectively been beheaded.
“However, Lulzsec has been relatively inactive since mid-2011, which is when their leader was arrested. So, the arrests today do not materially change the threat still posed by hackers. While a member of the group Anonymous was arrested today in the raids (someone who is thought to have been responsible for the ‘Stratfor’ hack which is still causing problems through the leaked emails from Wikileaks), Anonymous is still very much active.
“It would be brave person that relaxed their guard just because of these arrests.
“A lot of the hacking results from relatively simple exploits. The Stratfor attack, for example, took place because they used passwords for Administrator accounts that were very easy to guess: things like Stratfor1234. Not quite as bad the Turkish police system hack this week where they used the same password as was used in Spaceballs the movie: ‘12345’.
“The real science actually begins now as the law enforcement agencies grab the equipment and conduct forensics to widen the net. I imagine there are quite a few worried members of the group today. They may have used encryption to protect their equipment (I suspect not) in which case there will be a lot of work done to try to break the keys used to encrypt the data. In the US, following a supreme court ruling only a few days ago, you cannot force someone to decrypt their machine as it would violate their 5th Amendment rights. Hence, the FBI potentially have quite a job on their hands – the real value in the arrests is what it might lead them to, not just what they have.”