Limited time offer









Less of a smoking gun and more of a bubbling volcano

Did the FBI cleverly direct hackers to break into the servers of foreign governments? And did it do so without the hackers being aware of who was really directing their actions? We can’t give a definitive ‘yes’ for legal reasons, but anybody in possession of the facts couldn't help but reach that conclusion. An intriguing story broke the other day that reveals just how murky the depths of hacking can be while shedding some light on the shadowy world of international spying in the internet age. You’ve probably heard of LulzSec the infamous hacktivist group. One of its founders was a certain Hector Xavier Monsegnur, known in hacking circles as Sabu and a driving force behind high profile attacks on companies like Mastercard and PayPal.

I spy for the FBI

In 2011, Sabu became an FBI informant following his arrest for hacking activities. He helped nail five other expert hackers that the FBI was chasing. Until these arrests, Sabu maintained his hacking profile as a cover for his FBI activities. In one of his last tweets before he was exposed as an FBI informant he said: “The feds at this moment are scouring our lives without warrants. Without judges approval. This needs to change. Asap.”

Target Syria, Iran and Pakistan

However, when he tweeted this, perhaps he had something else on his mind other than maintaining a cover. According to heavily redacted court documents Sabu was at this time directing other hackers to attack websites and computers belonging to Iranian, Syrian, Turkish, Brazilian and Pakistani governments, among others. These attacks that he coordinated only took place after he became an FBI informant. Apparently the FBI agents were aware of his activities. It’s further claimed that the information lifted from these websites and computers was later passed onto other US intelligence agencies.

Tense and heated

While the FBI has naturally refused to comment there are so many fingers pointing in its direction, not to mention tensely heated political conditions between the US and many of the targeted countries, that it’s less of a smoking gun and more of a bubbling volcano. The court documents claim that at least one hacker was directed by Sabu to extract huge amounts of information, including bank records and login information, from the government servers of these countries and upload it to a server monitored by the FBI. Other targeted government sites included the Polish Embassy in Britain and Iraq’s Ministry of Electricity. The actual court documents were lodged by lawyers representing Jeremy Hammond one of the hackers directed by Sabu. Sabu provided Hammond with a list of foreign government server targets which included 2,000 Internet domain targets.

Doing dirty work – then 10 years in clink

Hammond is currently sitting out a ten year prison sentence for sabotaging the servers of Stratfor Global Intelligence, a private intelligence outfit based in Texas. After the Stratfor hack and before Hammond was nailed for it, he began working for Sabu targeting foreign government servers. Sabu had already been turned by the FBI at this time and a recent statement made by Hammond from prison indicated the scale of the attacks: “After Stratfor, it was pretty much out of control in terms of targets we had access to.” Of course, at the time Sabu’s cover as an FBI informant had not been blown so Hammond could not have known he might have been actually hacking on behalf of the FBI.

A nice job, a sweet promotion for someone - probably

We say ‘might’ because there is no direct evidence suggesting the FBI actually directed attacks against foreign government servers. However, given the overwhelming circumstantial evidence and Edward Snowden’s revelations about the sweeping scope of NSA hacking you’d have to be a bit brain dead or comatose to not see the connection. Bringing it down to a personal level, it’s also not too difficult to imagine some law enforcement officers rubbing their hands in glee; Sabu is turned, Hammond a notorious hacker unwittingly provides vital information for the intelligence services and then gets 10 years for an earlier hack. Promotion anyone?
Filed under: BullGuard News

Written by Steve Bell

Steve has a background in IT and business journalism and has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies producing content producing. He has a particular focus on IT security and has produced several magazines in this area.

More articles by Steve Bell


  • rosalinda_roughley

    12 May 2014, 22:11

    Greetiոgs! Very usefսl advice іn this particular aгticle!
    Іt's the little changes which will make the Ƅiggest cɦɑոges.
    Thanks a lot for shɑring!
  • les bowers

    2 May 2014, 17:45

    which password should i change

Leave a Reply




Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security Cup

Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.