LulzSec: the members and the enemies

Image via Wikipedia

While Sabu and Topiary are firmly on the inside, the likes of The Jester and LulzSec Exposed are most certainly not

 

Inside

Sabu Apparent founder and leader of LulzSec, he is a long-time hacktivist associated with senior Anonymous members. Decides who can join the group and who should be targeted. Attempts by rivals to uncover details about his real-life identity suggest he is a 30-year-old IT consultant skilled in the Python programming language who has lived in New York. The timing of some his tweets – tweeting “goodnight all” at 0700 BST, or 0200 New York time – implies he is on the US’s eastern seaboard.

 

Topiary Believed to be second-in-command, and the public face of LulzSec. An eloquent writer with a sharp turn of phrase, Topiary manages the main LulzSec Twitter account and has a hand in most of the group’s rare public pronouncements. Well-known among hackers due to long links with senior Anonymous members. Chat logs taken over five days from May and June show Topiary to be oddly self-conscious – he said of a Wikipedia page about himself: “can we delete it somehow?” – and not beyond his own reproach: “Sabu and I got a bit carried away and gave LulzSec away a bit.” Little is known about his identity, though he has been informally addressed as Daniel in leaked transcripts.

 

Kayla Thought to be the only senior female member of the hacking community, with lengthy involvement in the top command of Anonymous and, latterly, LulzSec. Apparently owns a powerful botnet used to take down targets. May have been instrumental in the attack in February on a US security firm, HBGary. In logs, referred to as LulzSec’s “assassin/spy”.

 

Storm Another senior hacker apparently controlling a large botnet of infected computers. Known for targeting rival hacker forums, and acting on Sabu’s instruction. Appears to be a veteran in the world of taking down websites, privately disclosing this month in logs seen by the Guardian that his denial of service tool is “over 10 years old”.

Joepie92/Joepie91

Fringe member who spends much of the time “idling” in the group’s chatrooms rather than actively co-ordinating or supporting attacks. Helps identify rival hackers. Little is known about his real-life identity.

 

 

Neuron One of the most technically able members of LulzSec, Neuron builds tools for the group and is occasionally involved in distributed denial of service (DDoS) attacks. Little is known about Neuron’s real-life identity, although his use of “aye” for “yes” suggests he is in or from the UK.

 

Tflow Credited with creating LulzSec’s famous Friday song, a comical skit denouncing other hackers and warning its rivals. Tflow also appears to be involved in maintenance for the main LulzSec website, protecting it from incoming attacks. Claims to have been around since the start of LulzSec towards the end of May.

Outside

The Jester Emphatically not a member of LulzSec. A lone-wolf hacker, self-described as a “hacktivist for good”. Believed to be ex-military, The Jester appears to have considerable firepower, which he principally employs against jihadist websites. A thorn in the side of the sprawling collectives Anonymous and, latterly, LulzSec for some time: publicly mocking their “childish” pursuits and threatening to expose key members by releasing their “Dox”: documents and information that would identify them in real life. Most believe the Jester to be based in the US, a product of his military background. He also attacks what he calls “terrorists, sympathizers, fixers, facilitators, and other general bad guys”. Brought down the WikiLeaks website in November, hours before it released the US diplomatic cables, with an enormous DDOS attack.

 

LulzSec Exposed Group of unknown size of self-described “web ninjas” who say they are unaffiliated to The Jester, but share his desire to out members of LulzSec. Claim to be angry on behalf of victims; English may not be their first language (or perhaps not that of the person(s) writing their blog. “We are not doing this for [the] sake of publicity or media attention,” they say on their blog. “We just thought we could help and we did it.”

LulzSec claims new international hacking victory

Image via Wikipedia

LulzSec claims to have brought down two Brazilian government websites in fresh attacks after a 19-year-old teenager from Essex was arrested, accused of being part of the hacker group.

In a tweet in the early hours of Wednesday morning, LulzSecBrazil wrote: “TANGO DOWN brasil.gov.br & presidencia.gov.br”

Another Twitter message from the main LulzSec page then added: “Our Brazilian unit is making progress. Well done @LulzSecBrazil, brothers!”

The websites are the official pages of the Brazilian Government and the President’s office, the equivalent of the Downing Street site.

Attempts to access the websites this morning proved unsuccessful and the attacks appeared to have swamped the pages with internet visits, causing them to crash.

The Brazilian government has become the latest high-profile victim claimed by LulzSec in a list which has allegedly included the CIA, the US Senate, the US television broadcaster PBS, Britain’s Serious and Organised Crime Agency and the technology firms Sony and Nintendo.

Related Articles

• Teenage loner held over global ‘hacking’ claims

  22 Jun 2011

• Lulzsec hacking: a timeline

  21 Jun 2011

• What information is in the database?

  21 Jun 2011

• File-hosting service leaves 25m users’ accounts unlocked

  21 Jun 2011

• Hacking: the risks to internet users aren’t going away

  22 Jun 2011

• Fears for patients’ data after NHS hack

  09 Jun 2011

If the claims are accurate, it would not be the first time that LulzSec has reacted hard to attempts to damage it.

Yesterday, the group posted the private details, including the home addresses, of one hacker and his associate who “tried to snitch on us”, accusing the hacker of “countless cybercrimes”.

Addressing the post to the “FBI & other law enforcement clowns”, they signed off: “There is no mercy on The Lulz Boat. Snitches get stitches.”

Our Brazilian unit is making progress. Well done @LulzSecBrazil, brothers!less than a minute ago via web Favorite Retweet ReplyThe Lulz Boat
LulzSec

 

The 19-year-old arrested in the UK on Monday night is Ryan Cleary, the son of a college lecturer. The teenager is accused of being a “major player” in LulzSec.

He was held in a raid at his family home in Wickford following a joint investigation between Scotland Yard and the FBI, which was also aimed at finding the hackers who breached security at the video games firms.

No messages were posted on the Twitter account of LulzSec for about 10 hours after the arrest before two denials came.

One read: “Clearly the UK police are so desperate to catch us that they’ve gone and arrested someone who is, at best, mildly associated with us. Lame”

Another read: “Seems the glorious leader of LulzSec got arrested, it’s all over now… wait… we’re all still here! Which poor b—–d did they take down?”

It was alleged last night that Mr Cleary was online in the middle of hacking when he was held. The arrest came hours after an anonymous internet user claiming to be from LulzSec threatened to publish the entire 2011 census database, though this was later dismissed as a hoax. A Scotland Yard spokesman said a “significant amount of material” had been seized from Mr Cleary’s family home by officers from its specialist e-crime unit, and would now be subjected to forensic examination.

Mr Cleary’s family expressed disbelief that the self-confessed computer “nerd” had anything to do with hacking. His mother Rita, 45, said her son “lives his life online” but she thought he had been playing computer games in his bedroom at the detached family home.

She added that, as he was led away by police, he told her he feared he would be extradited to America.

His older brother Mitchell, 22, said: “Ryan is obsessed with computers. That’s all he ever did. I was stunned to hear he had been arrested.

”He’s not the sort of person to do anything mad or go out and let his hair down or do anything violent. He stays in his room – you’ll be lucky if he opens the blinds, but that’s just family, isn’t it? I barely see him – I’m more of a football person – he’s more of an inside person.”

He said his brother had fallen out with people over WikiLeaks: “He used to be part of WikiLeaks and he has upset someone from doing that and they have made a Facebook page having a go at him.”

James Rounce, a neighbour of Cleary, said: “They moved in about 10 years ago and have been pleasant neighbours. I think he had been away at university and had come back for the holidays or because he had finished his exams. You could tell he was very bright just from the way he spoke and presented himself.”

Mr Cleary’s father Neil, 44, worked as musical director on the West End production of the Andrew Lloyd Webber musical Starlight Express. He later became a lecturer at Peterborough Regional College in Cambridgeshire and director of its orchestra. Nick Stamford, a former classmate of Ryan Cleary, said: “He used to spend a lot of time at home and that is when I think he got into computers. He was quite bright but he didn’t really have too many friends.”

LulzSec has emerged in recent weeks as a rival to the hacking group Anonymous, which targeted banks that had refused to process donations to the WikiLeaks website.

The organisation claimed credit for hacking into the accounts of Sony PlayStation users. On Monday it bombarded the website of the Serious and Organised Crime Agency with so much internet traffic it had to be taken offline.

Mr Cleary’s arrest is likely to lead to comparisons with the case of Gary McKinnon, the 45-year-old Briton fighting extradition to the United States, where he could face 60 years in jail if convicted of hacking into Pentagon and Nasa computers.