How Anonymous hacked the FBI-SOCA conference call
Court documents released after the stunning roundup of five alleged members of Anonymous and LulzSec on Tuesday shed light on one of the groups' more notable hacking escapades.Jeremy Kirk | Thursday, March 08 2012
Court documents released after the stunning roundup of five alleged members of Anonymous and LulzSec on Tuesday shed light on one of the groups' more notable hacking escapades.
A 19-year-old Irish man is accused of hacking two Gmail accounts belonging to Irish police officers and obtaining dial-in details for a January conference call between members of the US Federal Bureau of Investigation and the UK's Serious Organised Crime Agency (SOCA).
A recording of the call was released on YouTube on 3 February, embarrassing investigators on both sides of the Atlantic.
Donncha O'Cearrbhail of Birr, Ireland, is accused of recording the call and reaching out to a prominent Anonymous member for help in publicizing it. But the Anonymous member was secretly working for the FBI, leading to O'Cearrbhail's arrest.
The complaint against O'Cearrbhail, which was unsealed Tuesday, describes his interaction starting in mid-January with an informant identified only as 'CW'. The Guardian newspaper has the complaint on its website.
CW is believed to be Hector Xavier Monsegur, also known as Sabu, a prominent spokesman for Anonymous and the spin-off groups Antisec and Lulzsec. The court document doesn't specifically identify Monsegur as CW, but another court document found by Wired indicates that Monsegur acted for months as a law enforcement informant.
Monsegur quietly plead guilty last August to various hacking charges, including attacks against HBGary Federal, PBS, Sony Pictures Entertainment and Fox Broadcasting Company.
O'Cearrbhail allegedly told CW he had obtained the phone number and passcode for the Jan. 17 conference call between FBI agents and officers from SOCA, according to his charge sheet.
He asked the informant for help recording the call, promising that "this will be epic". After its release, the FBI confirmed the 17-minute call was genuine, but the agency advised that its own IT systems had not been breached. Agents on the call are heard discussing their progress in investigating Anonymous.
During the investigation of the leak, law enforcement agents asked Google for logs related to the email accounts of the two Irish police officers. The Gmail accounts in question were accessed 146 times in January using a VPN service called "Perfect Privacy", which O'Cearrbhail allegedly admitted to the informant that he had used, the court document shows.
The Irish police, known as the Garda, later told the FBI that it knew one of its officers had forwarded details of the conference call to a personal Gmail account. Police have also identified an IP address allegedly used by O'Cearrbhail, under the alias Palladium, which they say accessed one of the officers' Gmail accounts.
O'Cearrbhail is charged with one count of computer hacking conspiracy and one count of intentionally disclosing an unlawfully intercepted wire communication. He faces a maximum 15 years in prison if convicted of both charges.
The arrest was not O'Cearrbhail's first brush with the law. According to the court document, he was arrested in September 2011 on suspicion of hacking the website for the Irish political party Fine Gael.
The court document, which comprises sworn testimony from an FBI agent, also hints that O'Cearrbhail may have had a hand in hacking the website of the UK tabloid newspaper The Sun. An individual using the online handle "Palladium" was involved in the July 2011 hack, according to a sworn statement from FBI Special Agent George J. Schultzel, which is included in the charge sheet.
The Sun's website was hacked to redirect visitors to a fake new story that said News Corp. founder Rupert Murdoch had been found dead in his garden after ingesting a "large quantity of palladium".
How to choose the best tablet for you
101 great websites:
You haven't heard of yet
We ask the pros for building tips