FOX News, once itself a target of the LulzSec hacker group, broke an explosive story on March 6th, 2012 that the Anonymous movement had been infiltrated at one of its cores for 8-9 months by an FBI informant — none other than Sabu — one of the most wanted hackers in the world. Raids of various alleged members of Lulzsec and Anonymous took place across a couple of continents, United States, UK and Ireland. "Sabu", apparently 28-year-old Hector Xavier Monsegur, was the guardian of two young kids and lived in the projects in the Lower East Side of New York City. He was reportedly unmasked through a accumulation of small slips worth detailing:
FOX News reported: "handlers allowed him to work from the home… using a PC laptop provided by the FBI. […] Monitoring software on his government-issued laptop allowed the feds to see what he did in real time. The FBI has had an agent watching his online activity 24 hours a day. […] Sabu and his FBI handlers also disseminated false information to the public and hacker community — often through Twitter, sometimes through unsuspecting reporters who thought they’d landed an online interview with the notorious hacker. Their correspondence was sometimes directly with agents. More often it was with Sabu acting on strict guidance from the agents sitting with him, reading his every word. “About 90 percent of what you see online is bulls—-,” said one of Monsegur’s handlers, referring to the Twitter posts from Sabu’s account and “interviews” he’s given to the press on direction from the FBI as part of their disinformation campaign. On an Internet that forgets nothing, once a document is made publicly available, even if only briefly, it may be archived in perpetuity. One old clue to even one element of a still-in-use identity can be enough to take down even the most careful hacker…..
Check the link provided to read more about this FBI HACKER…
How to Stay and Keep Yourself Anonymous… Be SMART…
Anonymity isn’t just using TOR or a VPN and choosing a nickname-it means literally having no name, no identity. This means you DO NOT deface websites mentioning your nickname (or that of your team, I’m looking at YOU, CharrieWong), or in any way associate the name you are using with yourself (watch your identities).
You should credit Anonymous (or give no credit) for your actions, as soon as a name is attached to you, a single slip-up is enough to get you caught. Once the Feds know there’s a group, any form of infiltration (IE having an informant) in your group will be devastating. All of your work, data, rooted boxes, infrastructure, and scraps of personal data will be going directly to the feds. This brings us to some critical suggestions that we pulled together after perusing the criminal Complaints from the alleged LulzSec / Internet Feds / Anonymous arrests.
Please read, reflect and remember them next time you feel the keen need to share a personal detail from your life with your new bff in IRC.
CONVERSATIONS WITH OTHER PEOPLE - NEVER…
**Quick note from observing Sabu: if someone disappears without prior notice for an extended period of time, and then upon coming back tries to gain access to several more groups, and attempts to build a trust-based relationship with you, said person *might* be an informant.
- mention any political affiliations directly (don’t say I’m a registered Independent, just talk about your political views)
- mention any arrests (of you, or people you know) (WE LOVE YOU JEREMY HAMMOND!)
- mention any forms of IRL activism that you have participated in
- tell people what you are doing at any given time, or give out specific schedule information (IE, I’m always out of the house between 5 and 7 pm)
- mention your age, any previous work (citing your abilities is okay if you don’t provide much proof), height, ethnicity, or medical conditions
- mention where you are, if you happen to be on vacation
- inform people outside of your trusted group of any changes in IRC nicknames
- mention the manufacturer of your computer (or NIC, more specifically) without changing the MAC address! (WE LOVE YOU JEREMY HAMMOND!)
ADVICE FOR WOULD-BE HACKERS:
- don’t attack any organisations you are in any way affiliated with (don’t DDOS your school, dumbshit! Again, looking at you CharrieWong)
- don’t dump any information to a server that you didn’t witness the pwnage of. (Stratfor’s data was copied over to an FBI server)
- ALWAYS use TOR/a VPN while haxing! An easy way to run pretty much anything through TOR on linux is by using proxychains or torify (‘cept nmap!)
- NEVER listen for reverse shells on your own box (derp)
- NEVER connect to anything even remotely related to your target using any IP addresses that are affiliated with you or a small group of peopleYou can read the full criminal complaints from the alleged LulzSec / Internet Feds / Anonymous arrests HERE