Those behind LulzSec - which forced the CIA's public website down
and hacked Sony, among other things - are among the most wanted
The heat is still growing for a group of perhaps six to eight
people believed to be behind Lulz Security, even though the
flamboyant social-media-savvy enterprise suddenly announced over the
weekend that it would stop hacking government and business
Just a few days ago, the group was yucking it up, grandstanding
for its 280,000 Twitter followers (up from 100,000 just over a week
ago). On Thursday, it exulted in posting law-enforcement information
stolen from the Arizona Department of Public Safety. Then on Sunday,
it announced it was retiring from hacking.
"Our planned 50 day cruise has expired," the group wrote in a
post, "and we must now sail into the distance, leaving behind - we
hope - inspiration, fear, denial, happiness, approval, disapproval,
mockery, embarrassment, thoughtfulness, jealousy, hate, even love."
It added, "If anything, we hope we had a microscopic impact on
someone, somewhere. Anywhere." The group also encouraged others to
imitate its cyberattacking ways.
But the wisecracker hackers - who forced the Central Intelligence
Agency's public website down, hacked Sony, and tossed 62,000
passwords and e-mail addresses across the Internet like confetti -
still remain among the most wanted cyber-criminals, cybersecurity
"These guys better hope that the FBI finds them first, because
there are probably a lot of people in organized cybercrime who
aren't very happy about what they've been doing - drawing all this
attention," says Jeff Bardin, chief security strategist for
Treadstone 71, a cybersecurity and intelligence firm based in
The term "Lulz" is hacker lingo for "laughs." All along, it has
claimed that its activities are about "doing it for the laughs" and
raising Internet security awareness. Its tag line is, "Laughing at
your security since 2011!"
But for others, LulzSec's activities have been a serious matter.
And in the end, the anonymity of the Internet may not have been
anonymous enough for the very real people behind its hacker handles.
Was Sabu the ringleader? Is Kayla the group's botnet expert? What
about Topiary, Storm, Tflow, Joepie91, Avunit, and the others?
Those nicknames appear in chat logs from late May - purportedly
conversations from LulzSec's private chat channel that were leaked
anonymously to London's Guardian newspaper and posted to its website
Friday. Other similar chat logs were leaked in March to the online
At about the same time, lists of names associated with the
handles began to be tweeted along with a flotsam of corroborating
information. Was Sabu living in New York City and Avunit in England?
That was implied by one Internet security company report circulating
Some argue that chat logs are easily faked. Also, are the tweeted
names of people really those behind the LulzSec attacks? Impossible
to tell - yet.
But such clues could quickly become exhibits in criminal cases as
more details are tweeted or divulged by vigilante hackers, computer
security companies, or disgruntled members of the affiliated
"The chances they'll get nailed are pretty good," Mr. Bardin
says. "Sure, they're pretty smart about how they hide themselves and
their tracks. But some of them have already been nailed," he says,
referring to a recent arrest in England. "They've been tugging on
the tail of the beast for a while, and now the beast is turning
around to get them."
One vigilante hacker dubbed "the Jester," purportedly a former
cyber-expert for the US military, has in recent weeks exposed
details of the group's members, Bardin notes. …