June 27, 2011 3:39 am

Hunt goes on after Lulz hackers break up

Authorities in the UK and the US continue to hunt the leaders of Lulz Security even after the hacking group announced it was disbanding, people familiar with the probe said.

“We are pushing hard to get the main players arrested,” one person working on the case told the Financial Times. “I would like to think that they will be feeling the heat at the moment.”

The Metropolitan Police in London said the investigation was continuing. The FBI did not immediately respond to a request for comment.

Lulz drew scrutiny from multiple agencies in a hacking spree that lasted two months and generated unprecedented publicity. It temporarily forced offline the public websites of the CIA and the UK’s Serious Organised Crime Agency with denial-of-service attacks, in which many computers try to connect simultaneously and overwhelm a web page with traffic.

Of greater concern to law enforcement was Lulz’s more sophisticated work in penetrating internal accounts at the US public television network PBS, security companies, and a joint FBI-private sector forum called InfraGard.

The FBI and the US defence department were further alarmed when Lulz, which had said it was hacking for the joy of it, shifted to focus on exposing classified government secrets.

Lulz tweeted that it was disbanding because a planned 50-day campaign to cause chaos had run its course. The group said in its farewell release that it had only six members. It previously said Ryan Cleary, the 19-year-old from Essex, UK, who remains in custody charged with the Soca website attack and other offences, played a marginal role.

But the pressure from police had obviously taken a toll. One leader of the group told outsiders last week he was leaving, while another participant in leaked internal chat logs said he was taking a break.

Disillusioned members of precursor cyber-activist group Anonymous and private security researchers accelerated their efforts to identify the leaders by their real names, publishing theories and supporting evidence on the web.

Chris Wysopal, chief technology officer of US security company Veracode, said Lulz had displayed an “average skill level”, relying on readily available tools to hunt for known flaws in the way websites are defended.

Its real threat, researchers and police said, was that it inspired collective action and rapidly shared such sensitive information as user passwords. If it had continued its campaign without arrests, it would also have made mockery of cybercrime law enforcement.

Lulz said its members would continue their campaign as individuals. Less clear is whether Lulz lasted long enough to inspire co-ordinated, sustained activity.

Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.


Sign up for email briefings to stay up to date on topics you are interested in