|
UNITED STATES OF AMERICA v. HECTOR XAVIER MONSEGUR: SEALED INFORMATION |
|
Form No. USA-33S-274 (Ed. 9-25-5S
UNITED STATES DISTRICT COURT
UNITED STATES OF AMERICA Defendant. INFORMATION SI 11 Cr. 666 (LAP) (18 U.S.C. §§ 1030(b), 1030(a)(5)(A), 1030(a)(4), 1029(b)(2), 1349, 1028A and 2)
PREET BHARARA
UNITED STATES DISTRICT COURT
UNITED STATES OF AMERICA Defendant SEALED INFORMATION SI 11 Cr. 666 (LAP) COUNT ONE: (Conspiracy to Engage in Computer Hacking -- Anonymous) The United States Attorney charges: THE DEFENDANT 1. At all times relevant to this Information, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, was an experienced computer hacker who resided in New York, New York. At various times relevant to this Information, MONSEGUR was an influential member of three hacker organizations -- Anonymous, Internet Feds, and Lulz Security (also known as "LulzSec") -- that were responsible for multiple cyber attacks on the computer systems of various businesses and governments in the United States and throughout the world. 2. At all times relevant to this Information, MONSEGUR's primary area of expertise and role in hacker organizations was to act as a "rooter," that is, a computer hacker who identified vulnerabilities in the computer systems of potential victims to be exploited for the purpose of gaining unauthorized access to the systems. Upon discovering these vulnerabilities, MONSEGUR either passed information regarding them to other hackers, who sought to exploit them, or MONSEGUR exploited the vulnerabilities himself. MONSEGUR also provided infrastructure support to members of hacker organizations, that is, unauthorized access to computer servers and routers that others could use to launch cyber attacks on victims. BACKGROUND ON ANONYMOUS 3. At all times relevant to this Information, "Anonymous" was a collective of computer hackers and other individuals located in the United States and elsewhere that undertook "operations" -- that is, coordinated efforts that included cyber attacks -- against individuals and entities that were perceived to be hostile to Anonymous and its members' interests. These attacks included, among other things, the theft and later dissemination of confidential information from computer systems and the defacement of Internet websites. These attacks also included attacks against websites, known as "denial of service" or "DoS" attacks, which involved the use of computers to bombard a victim's website with bogus requests for information, causing the website to temporarily cease functioning. 4. The members of Anonymous, through their cyber attacks, at times sought to support, among other causes, Wikileaks, an organization that published otherwise unavailable documents from anonymous sources. THE DEFENDANT'S COMPUTER HACKING AS PART OF ANONYMOUS 5. From in or about December 2010, up to and including on or about June 7, 2011, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, participated in several cyber attacks as part of Anonymous, including the following, among others: DoS Attacks on Visa, MasterCard and PayPal
Hack and DoS Attack on Tunisian Government Computers
DoS Attack on Algerian Government Computers
Hack of Yemeni Government Computers
Hack of Zimbabwean Government Computers
STATUTORY ALLEGATIONS 6. From at least in or about December 2010, up to and including on or about June 7, 2011, in the Southern District of New York and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly combined, conspired, confederated, and agreed together and with each other to engage in computer hacking, in violation of Title 18, United States Code, Section 1030(a)(5)(A). 7. It was a part and an object of the conspiracy that HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly would and did cause the transmission of a program, information, code and command, and, as a result of such conduct, would and did intentionally cause damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, in violation of Title 18, United States Code, Sections 1030(a)(5)(A) and 1030(c) (4) (B) (i) . OVERT ACTS 8. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1030(b).) COUNT TWO: (Conspiracy to Engage in Computer Hacking -- Internet Feds) The United States Attorney further charges: 9. The allegations in paragraphs 1 through 5 and 8 of this Information are repeated and realleged as though fully set forth herein. BACKGROUND ON INTERNET FEDS 10. In or about December 2010, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, was invited by a co-conspirator not named as a defendant herein to participate in "Internet Feds," a group of elite computer hackers affiliated with Anonymous that undertook cyber attacks on the computer systems of various business and government entities in the United States and throughout the world. These attacks included, among other things, the theft of confidential information from victims' computer systems, the defacement of victims' Internet websites, and DoS attacks. At various times relevant to this Information, members of Internet Feds, including MONSEGUR, launched cyber attacks on, and gained unauthorized access to, the websites and computers systems of the following victims, among others: HBGary, Inc. and HBGary Federal, LLC (HBGary Federal, LLC is owned in part by HBGary, Inc.; both are collectively referred to herein as "HBGary"), a private cyber security firm; Fox Broadcasting Company ("Fox"), a commercial broadcast television network; and the Tribune Company, a media company which owns various television and radio stations and publishes the Chicago Tribune and the Los Angeles Times, among other newspapers. In addition, during the time period relevant to this Information, members of Internet Feds other than MONSEGUR launched computer attacks on other computer systems, including, for instance, computer servers used by ACS Law, a law firm in Australia. THE DEFENDANT'S COMPUTER HACKING AS PART OF INTERNET FEDS 11. From in or about December 2010, up to and including in or about March 2011, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, participated in several cyber attacks and unauthorized intrusions as part of Internet Feds, including the following, among others: Hack of HBGary
Unauthorized Access to the Tribune Company's Computer Systems
Hack of Fox
STATUTORY ALLEGATIONS 12. From at least in or about -December 2010, up to and including on or about June 7, 2011, in the Southern District of New York and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly, combined, conspired, confederated, and agreed together and with each other to engage in computer hacking, in violation of Title 18, United States Code, Section 1030(a)(5)(A). 13. It was a part and an object of the conspiracy that HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly would and did cause the transmission of a program, information, code and command, and, as a result of such conduct, would and did intentionally cause damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, in violation of Title 18, United States Code, Sections 1030(a)(5)(A) and 1030(c)(4)(B)(i). OVERT ACTS 14. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1030(b).) COUNT THREE: (Conspiracy to Engage in Computer Hacking -- LulzSec) The United States Attorney further charges: 15. The allegations in paragraphs 1 through 5, 8, 10, 11 and 14 of this Information are repeated and realleged as though fully set forth herein. BACKGROUND ON LULZSEC 16. From in or about May 2011, up to and including in or about June 2011, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, formed "Lulz Security," or "LulzSec," with other elite hackers, including individuals who used the online nicknames "Kayla," "Topiary," "Tflow," "Pwnsauce," and "AVUnit." "Lulz" is Internet slang which can be interpreted as "laughs," "humor," or "amusement." The members of LulzSec undertook cyber attacks on the computer systems of various business and government entities in the United States and throughout the world. These attacks included, among other things, the theft of confidential information from victims' computer systems, the defacement of victims' Internet websites, and attacks against victims' websites which rendered the websites temporarily unavailable to the public. In addition to attacking the computer systems of their victims, the members of LulzSec also received from other computer hackers information regarding vulnerabilities in the computer security systems of a variety of business and government entities. LulzSec members used this information to launch cyber attacks on those entities or stored it in anticipation of future attacks. 17. At various times relevant to this Information, members of LulzSec launched cyber attacks on the computers systems and websites of the following victims, among others:
THE DEFENDANT'S COMPUTER HACKING AS PART OF LULZSEC 18. From in or about May 2011, up to and including on or about June 7, 2011, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, participated in several cyber attacks as part of LulzSec, including the following, among others: Hack of PBS
Hack of Sony Pictures
Hack of Sony Music
Hacks of Infragard-Atlanta and Unveillance
Hack of the U.S. Senate
Hack of Bethesda Softworks
STATUTORY ALLEGATIONS 19. From at least in or about May 2011, up to and including on or about June 7, 2011, in the Southern District of New York and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly, combined, conspired, confederated, and agreed together and with each other to engage in computer hacking, in violation of Title 18, United States Code, Section 1030(a)(5)(A). 20. It was a part and an object of the conspiracy that HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly would and did cause the transmission of a program, information, code and command, and, as a result of such conduct, did intentionally cause damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, in violation of Title 18, United States Code, Sections 1030(a)(5)(A) and 1030(c) (4) (B) (i) . OVERT ACTS 21. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1030(b).) COUNT FOUR: (Computer Hacking -- Hack of HBGary) The United States Attorney further charges: 22. On or about February 5, 2011, in the Eastern District of California, the Southern District of New York, and elsewhere, HECTOR XAVIER MONSEGUR,' a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly caused the transmission of a program, information, code and command, and, as a result of such conduct, intentionally caused damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, to wit, MONSEGUR, while using a computer located in New York, New York, together with others, accessed without authorization the computer servers of HBGary, Inc., which servers were located in Sacramento, California, and HBGary Federal, LLC, which servers were located in Colorado Springs, Colorado, and stole confidential information including email messages and other information, and thereby caused loss of at least $5,000. (Title 18, United States Code, Sections 1030(a)(5)(A), 1030(c)(4)(B)(i), and 2.) COUNT FIVE: (Computer Hacking -- Hack of Fox) The United States Attorney further charges: 23. In or about 2011, in the Central District of California, the Southern District of New York, and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly caused the transmission of a program, information, code and command, and, as a result of such conduct, intentionally caused damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, to wit, MONSEGUR, while using a computer located in New York, New York, together with others, accessed, without authorization, the servers of Fox, located in Los Angeles, California, and thereby caused loss of at least $5,000. (Title 18, United States Code, Sections 1030(a)(5)(A), 1030(c)(4)(B)(i), and 2.) COUNT SIX: (Computer Hacking -- Hack of Sony Pictures) The United States Attorney further charges: 24. In or about 2011, in the Central District of California, the Southern District of New York, and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly caused the transmission of a program, information, code and command, and, as a result of such conduct, intentionally caused damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, to wit, MONSEGUR, while using a computer located in New York, New York, together with others, accessed, without authorization, the servers of Sony Pictures, located in El Segundo, California, and thereby caused loss of at least $5,000. (Title 18, United States Code, Sections 1030(a)(5)(A), 1030(c)(4)(B)(i), and 2.) COUNT SEVEN: (Computer Hacking -- Hack of PBS) The United States Attorney further charges: 25. From in or about May 2011, up to and including in or about June 2011, in the Eastern District of Virginia, the Southern District of New York, and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly caused the transmission of a program, information, code and command, and, as a result of such conduct, intentionally caused damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, to wit, MONSEGUR, while using a computer located in New York, New York, together with others, accessed without authorization the computer servers of PBS, which were located in Alexandria, Virginia, and stole confidential information and defaced PBS's website, PBS.org, and thereby caused loss of at least $5,000. (Title 18, United States Code, Sections 1030(a)(5)(A), 1030 (c) (4) (B) (i) , and 2.) COUNT EIGHT: (Computer Hacking -- Hack of Infragard-Atlanta) The United States Attorney further charges: 26. In or about June 2011, in the Northern District of Georgia, the Southern District of New York, and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly caused the transmission of a program, information, code and command, and, as a result of such conduct, intentionally caused damage without authorization, to a protected computer, and the loss caused by such behavior was at least $5,000, to wit, MONSEGUR, while using a computer located in New York, New York, together with others, accessed without authorization a computer server in Englewood, Colorado and elsewhere belonging to the Atlanta, Georgia chapter of the Infragard Members Alliance, an information sharing partnership between the FBI and private industry, and stole confidential information, and thereby caused loss of at least $5,000. (Title 18, United States Code, Sections 1030(a)(5)(A), 1030(c)(4)(B)(i), and 2.) COUNT NINE: (Computer Hacking In Furtherance of Fraud) The United States Attorney further charges: 27. In or about 2010, in the Southern District of New York and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly, and with intent to defraud, accessed a protected computer without authorization, and by means of such conduct furthered the intended fraud and obtained a thing of value, to wit, MONSEGUR, using a computer located in New York, New York, accessed without authorization the computer systems of a company that sells automobile parts, and fraudulently caused four automobile motors with a value of approximately $3,450 to be shipped to himself in New York, New York. (Title 18, United States Code, Sections 1030(a)(4), 1030(c)(3)(A), and 2.) COUNT TEN: (Conspiracy to Commit Access Device Fraud) The United States Attorney further charges: 28. From at least in or about 2010, up to and including on or about June 7, 2011, in the Southern District of New York and elsewhere, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly did combine, conspire, confederate and agree together and with each other to commit an offense under Title 18, United States Code, Section 1029(a). 29. It was a part and an object of the conspiracy that HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly, and with intent to defraud, would and did effect transactions, with one and more access devices issued to other persons, to receive payment and other things of value during a one-year period the aggregate value of which was equal to and greater than $1,000, in violation of Title 18, United States Code, Section 1029(a)(5). OVERT ACTS 30. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1029(b)(2).) COUNT ELEVEN: (Conspiracy to Commit Bank Fraud) The United States Attorney further charges: 31. From at least in or about 2010, up to and including on or about June 7, 2011, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly did combine, conspire, confederate and agree together and with each other to commit offenses under Title 18, United States Code, Section 1344. 32. It was a part and an object of the conspiracy that HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, and others known and unknown, willfully and knowingly would and did execute, and attempt to execute, a scheme and artifice to defraud a financial institution, the deposits of which were then insured by the Federal Deposit Insurance Corporation, and to obtain moneys, funds, credits, assets, securities, and other property owned by, and under the custody and control of, such financial institution by means of false and fraudulent pretenses, representations and promises, in violation of Title 18, United States Code, Section 1344. OVERT ACTS 33. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1349.) COUNT TWELVE: (Aggravated Identity Theft) The United States Attorney further charges: 34. From at least in or about 2010, up to and including on or about June 7, 2011, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, willfully and knowingly did transfer, possess, and use, without lawful authority, a means of identification of another person, during and in relation to a felony violation enumerated in Title 18, United States Code, Section 1028A(c), to wit, MONSEGUR transferred, possessed, and used, among other things, the names, Social Security numbers, account numbers, and credit card account numbers of other persons in connection with his participation in a conspiracy to commit access device fraud, as charged in Count Ten of this Information, and in connection with his participation in a conspiracy to commit bank fraud, as charged in Count Eleven of this Information. (Title 18, United States Code, Sections 1028A and 2.) FORFEITURE ALLEGATION AS TO COUNTS ONE THROUGH NINE 35. As a result of committing one or more of the offenses alleged in Counts One through Nine of this Information, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, shall forfeit to the United States, pursuant to 18 U.S.C. § 982(a)(2)(B), any property constituting, or derived from, proceeds obtained directly or indirectly as a result of one or more of the offenses, including but not limited to a sum of money representing the amount of proceeds obtained as a result of one or more of the said offenses. FORFEITURE ALLEGATION AS TO COUNT TEN 36. As a result of committing the offense alleged in Count Ten of this Information, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, shall forfeit to the United States:
FORFEITURE ALLEGATION AS TO COUNT ELEVEN 37. As a result of committing the offense alleged in Count Eleven of this Information, HECTOR XAVIER MONSEGUR, a/k/a "Sabu," a/k/a "Xavier DeLeon," a/k/a "Leon," the defendant, shall forfeit to the United States, pursuant to 18 U.S.C. § 982(a)(2)(A), any property constituting, or derived from, proceeds obtained directly or indirectly as a result of the offense, including but not limited to, a sum of money representing the amount of proceeds obtained as a result of the said offense. SUBSTITUTE ASSETS PROVISION 38. If any of the above-described forfeitable property, as a result of any act or omission of the defendant:
(Title 18, United States Code, Sections 982(a)(2)(A), 982(a)(2)(B), and 1029(c)(1)(C), and Title 21, United States Code, Section 853(p).)
PREET BHARARA UNITED STATES OF AMERICA v. RYAN ACKROYD, JAKE DAVIS, DARREN MARTYN, DONNCHA O'CEARRBHAIL: SEALED INDICTMENT
UNITED STATES
DISTRICT COURT
UNITED STATES OF
AMERICA Defendants. SEALED INDICTMENT 12 Cr. ( ) COUNT ONE: (CONSPIRACY TO COMMIT COMPUTER HACKING - INTERNET FEDS) The Grand Jury charges: BACKGROUND ON ANONYMOUS AND INTERNET FEDS 1. Since at least in or about 2008, up through and including on or about the date of this Indictment, "Anonymous" has been a loose confederation of computer hackers and others sharing, among other things, common interests, common slogans, and common identifying symbols. During that time period, certain members of Anonymous have waged a deliberate campaign of online destruction, intimidation, and criminality, as part of which they have carried out cyber attacks against businesses and government entities in the United States and throughout the world. 2. Between in or about December 2010 and in or about May 2011, one group of individuals affiliated with Anonymous who engaged in such criminal conduct was composed of elite computer hackers who collectively referred to themselves as "Internet Feds." At various times relevant to this Indictment, members of Internet Feds carried out a series of cyber attacks against the websites and computer systems of certain business and government entities in the United States and around the world, including, among others, the following businesses and organizations:
3. These cyber attacks involved, among other things: (1) breaking into computer systems, deleting data, and stealing confidential information, including encrypted and unencrypted sensitive personal information for thousands of individual victims; (2) de-encrypting confidential information stolen from victims' computer systems, including encrypted passwords; (3) publicly disclosing that stolen confidential information on the Internet by dumping it on certain websites; (4) hijacking victims' email and Twitter accounts; (5) defacing victims' Internet websites; and/or (6) "doxing," that is, publicly disclosing online a victim's personal identifying information, such as the victim's name, address, Social Security number, email account, and telephone number, with the object of, among other things, intimidating the victim and subjecting the victim to harassment. 4. At various times relevant to this Indictment, and as part of Anonymous, members of Internet Feds sought to publicize their Internet assaults and intimidate their victims by, among other things: (1) posting messages online in which they discussed their attacks and threatened additional attacks; (2) using particular logos and slogans when, for example, they posted messages online and defaced websites; and (3) discussing their attacks with members of the press. 5. At various times relevant to this Indictment, and much like other members of Anonymous, members of Internet Feds, despite their efforts to publicize their illegal conduct, typically attempted to hide their true identities by, for example, using aliases when they communicated with the public or with each other. 6. At various times relevant to this Indictment, members of Internet Feds, much like other members of Anonymous, communicated using, among other means, Internet Relay Chat ("IRC") channels that is, real-time, text-based online forums. Some of these channels were open to the public. Others, particularly channels in which members of Anonymous and members of Internet Feds planned and organized criminal activity, including cyber attacks, were not. Instead, those channels were generally password-restricted and available by invitation only, usually to trusted individuals who had proven themselves through past criminal hacking. Specifically, members of Internet Feds and their co-conspirators planned and coordinated their cyber attacks using password-restricted, invitation-only IRC channels such as "#InternetFeds," "#Hackers," and "#hq," among others. 7. At various times relevant to this Indictment, the members of Internet Feds included, among others, RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," and DONNCHA O'CEARRBHAIL, a/k/a "palladium," the defendants, as well as other individuals, including, but not limited to, individuals who used the online aliases "SABU," "TFLOW," and "AVUNIT." THE DEFENDANTS 8. At all times relevant to this Indictment, RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," and JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," the defendants, were computer hackers who resided in the United Kingdom. 9. The role of RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon ," the defendant, in each of the conspiracies charged in this Indictment included, among other things, identifying and exploiting vulnerabilities in victims' computer systems for the purpose of gaining unauthorized access to those systems. 10. The role of JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," the defendant, in each of the conspiracies charged in this Indictment included, among other things, acting as a spokesman for the groups charged in Counts One and Two of this Indictment, for example by engaging in interviews with the media and publicizing those groups' hacking activities; and organizing and storing confidential information stolen in connection with the computer hacking described in Counts One and Two of this Indictment. 11. At all times relevant to this Indictment, DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," and DONNCHA O'CEARRBHAIL, a/k/a "palladium," the defendants, were computer hackers who resided in Ireland. CYBER ATTACKS BY INTERNET FEDS 12. From in or about December 2010, up to and including in or about May 2011, members of Internet Feds, including RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," and DONNCHA O'CEARRBHAIL, a/k/a "palladium," the defendants, and their co-conspirators, including, among others, SABU, TFLOW and AVUNIT, launched cyber attacks on, and gained unauthorized access to, the websites and computers systems of the following victims, among others: Hack of Fine Gael
Hack of HBGary
Hack of Fox
STATUTORY ALLEGATIONS 13. From at least in or about December 2010, up to and including in or about May 2011, in the Southern District of New York and elsewhere, RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," and DONNCHA O'CEARRBHAIL, a/k/a "palladium," the defendants, and others known and unknown, willfully and knowingly, combined, conspired, confederated, and agreed together and with each other to engage in computer hacking, in violation of Title 18, United States Code, Section 1030 (a) (5) (A) . 14. It was a part and an object of the conspiracy that RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," and DONNCHA O'CEARRBHAIL, a/k/a "palladium," the defendants, and others known and unknown, willfully and knowingly would and did cause the transmission of a program, information, code and command, and, as a result of such conduct, would and did intentionally cause damage without authorization, to a protected computer, which would and did cause a loss (including loss resulting from a related course of conduct affecting one and more other protected computers) aggregating to at least $5,000 to one and more persons during anyone year period, in violation of Title 18, United States Code, Sections 1030 (a) (5) (A), 1030 (c) (4) (B) (i) and (c) (4) (A) (i) (I) . OVERT ACTS 15. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1030(b).) COUNT TWO: (CONSPIRACY TO COMMIT COMPUTER HACKING - LULZSEC) The Grand Jury further charges: 16. The allegations in paragraphs 1 through 12 and 15 this Indictment are repeated and realleged as though fully set forth herein. BACKGROUND ON LULZSEC 17. In or about May 2011, following the publicity that they had generated as a result of their hacking of Fine Gael and HBGary, among other victims, members of Internet Feds, including RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," and DARREN MARTYN/ a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," the defendants/ as well as SABU, TFLOW, and AVUNIT, formed and became the principal members of a new hacking group, "Lulz Security," or "LulzSec." 18. Like Internet Feds, LulzSec undertook a campaign of malicious cyber assaults on the websites and computer systems of various business and government entities in the United States and throughout the world. Although the members of LulzSec and their co-conspirators claimed to have engaged in these attacks for humorous purposes ("lulz" is Internet slang which can be interpreted as "laughs," "humor," or "amusement" ), LulzSec's criminal acts included, among other things, the theft of confidential information, including sensitive personal information for thousands of individuals, from their victims' computer systems; the public disclosure of that confidential information on the Internet; the defacement of Internet websites; and overwhelming victims' computers with bogus requests for information (known as "denial of service" or "DoS" attacks) . 19. Also like Internet Feds, LulzSec sought to gain notoriety for their hacks by varied and repeated efforts to broadcast their acts of online destruction and criminality. As a means of publicizing their cyber assaults, members of LulzSec and their co-conspirators maintained a website, "www.LulzSecurity.com;" an account in the name "LulzSec" at www.thepiratebay.org; and a Twitter account, "@LulzSec;" all of which they used to, among other things, announce their hacks and issue written "press releases" about them; mock their victims; solicit donations; and publicly disclose confidential information they had stolen through their cyber attacks. 20. Similar to Internet Feds, as a means of publicizing their online assaults, as well as intimidating their victims, members of LulzSec and their co-conspirators used particular logos and slogans in, for example, their "press releases," their website defacements, and on the www.LulzSecurity.com website and the @LulzSec Twitter account. 21. Despite going to great lengths to seek attention for their illegal conduct, the members of LulzSec and their coconspirators - like Internet Feds - attempted to hide their true identities. Among other things, they referred to themselves by aliases, attempted to promote false personas, and used technical means, including proxy servers, in an effort to conceal themselves online. 22. At various times relevant to this Indictment, members of LulzSec, including RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," and DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," the defendants, as well as SABU, TFLOW, and AVUNIT, and their co-conspirators, launched cyber attacks on the websites and computer systems of the following victims, among others:
23. At various times relevant to this Indictment, and in addition to identifying and exploiting vulnerabilities in their victims' computer systems on their own, the members of LulzSec also received from other computer hackers information regarding vulnerabilities in the computer systems of a variety of business and government entities. LulzSec members used this information to launch cyber attacks on those entities or stored it in anticipation of future attacks. 24. At various times relevant to this Indictment, members of LulzSec and their co-conspirators communicated with each other and planned and coordinated their cyber attacks using password-restricted, invitation-only IRC channels, including, among others, "#upperdeck" and "#hq". CYBER ATTACKS BY LULZSEC 25. From in or about May 2011, up to and including at least in or about June 2011, members of LulzSec, including RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," and DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," the defendants, and their co-conspirators, including, among others, SABU, TFLOW, and AVUNIT, launched cyber attacks on, and gained unauthorized access to, the websites and computers systems of the following victims, among others: Hack of PBS
Hack of Sony Pictures
Hack of Infragard-Atlanta
Hack of Bethesda Softworks
STATUTORY ALLEGATIONS 26. From at least in or about May 2011, up to and including at least in or about June 2011, in the Southern District of New York and elsewhere, RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," and DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," the defendants, and others known and unknown, willfully and knowingly, combined, conspired, confederated, and agreed together and with each other to engage in computer hacking, in violation of Title 18, United States Code, Section 1030 (a) (5) (A) . 27. It was a part and an object of the conspiracy that RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," and DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," the defendants, and others known and unknown, willfully and knowingly would and did cause the transmission of a program, information, code and command, and, as a result of such conduct, would and did intentionally cause damage without authorization, to a protected computer, which would and did cause a loss (including loss resulting from a related course of conduct affecting one and more other protected computers) aggregating to at least $5,000 to one and more persons during anyone year period, and which would and did cause damage affecting a computer used by and for an entity of the United States Government, to wit the FBI, in furtherance of the administration of justice, national defense and national security, in violation of Title 18, United States Code, Sections 1030 (a) (5) (A), 1030 (c) (4) (B) (i) and (c) (4) (A) (i) (I) and (V). OVERT ACTS 28. In furtherance of the conspiracy and to effect the illegal object thereof, the following overt acts, among others, were committed in the Southern District of New York and elsewhere:
(Title 18, United States Code, Section 1030(b).) FORFEITURE ALLEGATION AS TO COUNTS ONE AND TWO 29. As a result of committing one or both of the offenses alleged in Counts One and Two of this Indictment, RYAN ACKROYD, a/k/a "kayla," a/k/a "lol," a/k/a "lolspoon," JAKE DAVIS, a/k/a "topiary," a/k/a "atopiary," DARREN MARTYN, a/k/a "pwnsauce," a/k/a "raepsauce," a/k/a "networkkitten," and DONNCHA O'CEARRBHAIL, a/k/a "palladium," the defendants, shall forfeit to the United States, pursuant to 18 U.S.C. § 982(a) (2) (B), any property constituting, or derived from, proceeds obtained directly or indirectly as a result of one or both of the said offenses, including but not limited to a sum of money representing the amount of proceeds obtained as a result of one or both of the said offenses. SUBSTITUTE ASSETS PROVISION 30. If any of the above-described forfeitable property, as a result of any act or omission of the defendants:
(Title United States Code t Sections 982 (a) (2) (B) and (b) (1) t Title United States Code , Section 853(p).)
PREET BHARARA
|