X

FBI arrests 16 in Anonymous hacking investigation

Arrests follow raids on homes as part of more than 35 search warrants related to an attack on PayPal computers, U.S. Department of Justice says.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
Elinor Mills
5 min read
 

Sixteen people were arrested in the United States today in connection with hacking attacks by the Anonymous group of online activists, as well as one person in the U.K. and four people in the Netherlands, the U.S. Department of Justice said.

An indictment filed last week in San Jose, Calif., names 14 people accused of conspiring to intentionally damage protected computers at PayPal last December in retribution for PayPal suspending WikiLeaks' account to prevent supporters from donating to the whistleblower site. The arrests were made in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico, and Ohio, the Justice Department said. The defendants were expected to make initial appearances throughout the day in federal courts in their areas.

In two other separate indictments, a Sarasota, Fla., man was arrested on charges of intentionally damaging a protected computer for allegedly accessing the Web site of InfraGard Tampa Bay, an FBI partner, in June. The complaint alleges that he released instructions on how to exploit the Web site.

Another man was arrested in Las Cruces, N.M., for allegedly stealing confidential business information from AT&T servers and posting it publicly in April. The defendant, who works as a customer support contractor for AT&T at outsource provider Convergys, is charged with accessing a protected computer without authorization for allegedly downloading thousands of documents, applications, and other files and then posting them on the Internet, the indictment says. The LulzSec hacking group publicized the release of those documents on June 25, according to the filing.

The arrests of the defendants, who range in age from 20 to 42, followed the execution of more than 35 search warrants throughout the country by the FBI as part of its investigation into hacking attacks coordinated by the Anonymous online activist group, officials said. More than 75 searches have taken place in the U.S. to date as part of the investigations, the Justice Department said.

The charge of intentional damage to a protected computer carries a maximum penalty of 10 years in prison and a $250,000 fine; each count of conspiracy carries a maximum penalty of 5 years in prison and a $250,000 fine, the Justice Department said.

Meanwhile, a 16-year-old was arrested in London who goes by the hacker handle "Tflow" and is believed to be a key member of LulzSec, Fox News reported.

And on news aggregation site Reddit, someone with the handle "reallyjay" reported that 20 FBI agents with guns drawn raided his or her house with a search warrant today believing that the owner's son had participated in the Anonymous attack on PayPal. "I think they were surprised (really?) that I knew about Anonymous. When they questioned my son, he admitted to downloading LOIC [Low Orbit Ion Cannon DDoS software] and fooling around with it for awhile. He does not know if he left it running for any amount of time," the Reddit user wrote. "Why would they spend all this time, energy, and funds to get a kid who was trying to be cool and follow Anon without knowing any of the consequences? What do I do to protect him? What can I expect? They seized two desk top computers."

As part of "Operation Payback," Anonymous organized a distributed denial-of-service attack that shut down PayPal's site, as well as that of Visa and MasterCard. PayPal cut WikiLeaks off citing violations of its terms of service after WikiLeaks released a large amount of classified U.S. State Department cables in late November. The decentralized Anonymous collective has been targeting computer attacks on government and corporate Web sites, including Monsanto, the Arizona Department of Public Safety, the City of Orlando, and Sony, as well as government sites in Egypt, Turkey, and Tunisia. (See our chart of recent hacking attacks here.) Anonymous often issues warnings and statements saying the attacks are done to protest Internet censorship and alleged government corruption or corporate malfeasance.

The hackers primarily use DDoS attacks, which are designed to temporarily cripple Web sites. To do that, they enlist supporters to use software on their computers that sends so many requests to access a targeted Web site that it overwhelms the site with traffic, effectively shutting it down. The hackers also claimed to have compromised servers to steal data that was then released to the public.

Previously, there were dozens of arrests globally related to the investigations into hacking attacks by Anonymous. A 16-year-old was arrested late last year in the Netherlands for the DDoS attacks on payment companies that stopped enabling WikiLeaks to receive donations. That was followed by five arrests in the U.K. and 40 search warrants carried out in the U.S. in January. In June, three people were arrested in Spain for an attack on a Spanish government site (a Spanish police site was then attacked in retaliation), and 32 people were arrested in Turkey a few days later.

There has also been police activity related to the LulzSec hacking group, which is believed to be a spinoff of Anonymous, with whom they have joined forces in attacks under the AntiSec banner. Nineteen-year-old Ryan Cleary was arrested and released on bail in June after being charged with participating in attacks on the U.K.'s Serious Organized Crime Agency, an AntiSec target, and other sites. LulzSec members have denied that Cleary is a member of the group, saying that he only hosted one of the group's chat rooms on his Internet Relay Chat server. Also, an Ohio home was reportedly searched in June.

LulzSec, meanwhile, has turned its sights on media mogul Rupert Murdoch, who is embroiled in a phone voice-mail-hacking scandal that led to the closure of his British tabloid The News of the World and prompted the arrest of former editor Rebekah Brooks. The hackers yesterday redirected the home page of The Sun tabloid, also owned by Murdoch, to a fake story claiming Murdoch had died and released purported phone numbers of Murdoch employees and what appeared to be an old e-mail address and password for Brooks. The hacking happened after a former News of the World journalist was found dead.

Editor's note: This story was originally published at 11:11 a.m. PT. Updated at 7:53 p.m. PT with Fox News reporting that LulzSec member "Tflow" was the U.K. arrest and with Reddit user account of house raid and at 4:05 p.m. PT with more details from indictments, 3:15 p.m. PT with details from the Justice Department, 1:36 p.m. PT with report of two additional separate arrests from Fox News, 12:09 p.m. PT with background on Anonymous and previous arrests, FBI San Francisco comment, and LulzSec background, and 11:27 a.m. PT with FBI comment from Washington D.C.