FBI informant organized Anonymous hackers’ attacks on government sites in 30 countries
Government websites in the UK, Australia and more than two dozen other countries were provided by an undercover FBI informant to a hacker involved with the group Anonymous as cybertargets to attack, according to previously unpublished documents.
The files — chat logs between a turncoat and hacktivist Jeremy Hammond that were used by US attorneys to prosecuted the latter for major intrusions committed by Anonymous and an offshoot, AntiSec — are under seal by order of a United States District Court judge and weren’t publicly available until The Daily Dot used them to report on Wednesday this week to show that the informant encouraged Hammond to hit foreign government targets.
Before American authorities arrested Hammond at his Chicago apartment in March 2012, law enforcement officials gathered the evidence they used against him with the help of a former fellow hacker within the online collective, Hector “Sabu” Monsegur. A months-long investigation led by the FBI and largely made possible due to Monsegur’s cooperation led to Hammond, now 29, pleading guilty to a multitude of computer crimes last year and receiving a 10-year prison sentence in return.
As RT reported previously, Hammond said publicly that Monsegur provided him with foreign targets to strike while speaking in court last year before being dished out a decade-long sentence by District Court Judge Loretta Preska.
“I broke into numerous websites he supplied, uploaded the stolen email accounts and databases onto Sabu’s FBI server, and handed over passwords and backdoors that enabled Sabu and, by extension, his FBI handlers, to control these targets,” Hammond said. Preska, who later sentenced Monsegur to time served, cut off Hammond, but not before the hacktivist began to name a handful of countries he claimed were supplied by the informant.
A joint probe launched earlier this year by the Dot and Motherboard has already raised questions concerning the role of the Federal Bureau of Investigation in cyberattacks waged by Anonymous at the behest of the FBI against the websites of companies and countries alike, but this week’s revelations made through leaked chat logs between the informant and hacktivist identify for the first time the names of foreign nations that were specifically supplied to Hammond by the FBI mole with the intent that he attack them.
In full, the websites supplied to Hammond by Monsegur to target included URLs pertaining to organizations affiliated with the governments of: Brazil; Netherlands; Belgium; Slovenia; United Kingdom; Australia; Papua New Guinea; Republic of Maldives; Philippines; Laos; Libya; Turkey; Sudan; India; Nigeria; Puerto Rico; Greece; Paraguay; Saint Lucia; Malaysia; South Africa; Yemen; Iran; Iraq; Saudi Arabia; Trinidad and Tobago; Lebanon; Kuwait; Albania; Bosnia and Herzegovina and Argentina.
“[D]id you hit those govs I gave you last night?” Monsegur asks Hammond in an excerpt from a leak chat log published by the Dot. Monsegur, who is Puerto Rican, then provided Hammond with targets specific to that territory and called it a “personal favor.” In another leaked log, Monsegur provides Hammond with a list of targets with .gov.br domains and says “hit these bitches for our [B]razilian squad.”
According to the Daily Dot, Monsegur told Hammond to strike targets in 30 countries. It is not immediately clear what sites were attacked and with what success, but previous reporting on leaked files concerning the Hammond case showed that hacktivists were successful in campaigns against Brazilian and Turkish websites with the assistance of the informant. An American firm, Stratfor, was also struck by Anonymous in 2012 in an operation that was orchestrated largely by Monsegur while working for the feds, and authorities did not make the company aware of the intrusion until later on.
Ahead of Monsegur’s sentencing hearing this year, attorneys for the informant said his cooperation “helped avoid over 300 intrusions” and, in aiding the FBI, “he strengthened the security of agencies such as the United States Congress, the United States Courts, other government agencies, as well as private companies.”
“He did not break the systems, he revealed vulnerabilities,”insisted lawyer Peggy Cross-Goldenberg. “These systems needed fixing anyway, regardless of his actions,”
Attorneys for Hammond, however, have raised questions of their own.
“Why was our government, which presumably controlled Mr. Monsegur during this period, using Jeremy Hammond to collect information regarding the vulnerabilities of foreign government websites and in some cases, disabling them,” Hammond’s attorneys wrote in December 2013. “This question is especially relevant today, amidst near daily public revelations about government’s efforts, worldwide, to monitor the communications of, and gather intelligence on, world leaders.”
Dell Cameron, the Daily Dot reporter who first published the list of countries sent to Hammond, told RT’s Andrew Blake that the FBI has been mostly unwilling to cooperate when it comes to weighing in with regards to the investigation into the Sabu files.
“We reached out to the FBI at the beginning of June to see if they’d be willing to discuss what this evidence says about their investigative procedures. They were very polite, seemed eager to help, and told us, in no equivocal terms, that they wouldn’t discuss the Hammond case,” he said.
“I’ve been told repeatedly that the information we’ve published suggests that Hammond was entrapped by law enforcement. That’s for legal experts to comment. Of course, he was eager to hack all of those targets and he’ll be the first to tell you,” Cameron continued. “However, the question of whether the FBI is in some way culpable for a string of international cyberattacks is not dependent on whether Hammond was entrapped. It depends on whether statements by the NY US Attorney’s office are true or not – that federal investigators were with Monsegur ‘around-the-clock,’ at his side, and were aware of his activities at all times.”
Mustafa Al-Bassam, a London student who participated in Anonymous-affiliated hacks with Monsegur in early 2011, told RT’s Blake that “Sabu has always been socially manipulative and therefore good at social engineering” and said “that's always been his biggest strength in the group.”
“The FBI simply capitalized on that skill to build trust and connections within various groups,” Al-Bassam added.
Monsegur’s attorneys boasted during his sentencing in May that their client’s efforts “contributed directly to the identification, prosecution and convictions of core members of LulzSec,” an Anonymous offshoot that included Al-Bassam, as well as Hammond and other hacktivists..