Dozens of pages of previously unreleased documents pertaining to the prosecution of hacktivist Jeremy Hammond have been released, further linking the United States government to a gamut of cyberattacks waged against foreign nations.
Hammond, 29, made waves last November when he defied a US federal judge’s order and told a packed New York City courtroom on the day of his sentencing that the Federal Bureau of Investigation had relied on an undercover informant to direct members of the amorphous hacking collective Anonymous to target the websites of adversarial nations.
The latest releases now lend credence to Hammond’s claims that the FBI guided Anonymous into conducting cyberattacks at their behest, regardless of the sheer illegality involved. The documents — a previously unpublishedstatement purported to be authored by Hammond and never-before-seen court files —now corroborate the role of the feds in these proxy cyberwars of sorts.
Using the internet alias “Sabu,” the turncoat — Hector Xavier Monsegur of New York — supplied Hammond with lists of vulnerable targets that were then compromised, Hammond said in his courtroom testimony on Nov. 15. Data and details were pillaged and exploited, Hammond said, and then shared with the informant and, ergo, the FBI.
“These intrusions, all of which were suggested by Sabu while cooperating with the FBI, affected thousands of domain names and consisted largely of foreign government websites, including those of Turkey, Brazil, Iran —,” Hammond managed to say before being silenced by US District Court Judge Loretta Preska. Moments later, Preska sentencedhim to the maximum time behind bars allowable under a mutually agreed upon plea deal: 120 months.
The hacktivist has managed to have his voice heard since, however, and on Wednesday this week the New York Times published an article focused on the FBI’s role with regards to spearheading hacks for Anonymous. Speaking from behind bars, Hammond told Times journalist Mark Mazzetti that “it was pretty much out of control in terms of targets we had access to” in the weeks after Anonymous compromised the computer system of Texas-based intelligence firm Stratfor in December 2011 and his arrest the following March.
Nevertheless, “Sabu wasn’t getting his hands dirty,” Hammond told the Times.
Mazzetti went on to acknowledge that an uncensored version of Hammond’s sentencing statement was published to the web concurrent with November’s hearing, and in it the hacker claimed to have been provided a list more than 2,000 internet domains to target by the FBI’s informant. That same document, though previously unverified, also contained the list of targeted countries that Hammond was ordered to refrain from saying at last year’s sentencing:“Brazil, Turkey, Syria, Puerto Rico, Colombia, Nigeria, Iran, Slovenia, Greece, Pakistan and others,” including “the Governor of Puerto Rico, the Internal Affairs Division of the Military Police of Brazil, the Official Website of the Crown Prince of Kuwait, the Tax Department of Turkey, the Iranian Academic Center for Education and Cultural Research, the Polish Embassy in the UK and the Ministry of Electricity of Iraq.”
Hours after the Times article was published on Wednesday, a wild leak appeared that is alleged to contain several paragraphs from Hammond that he authored last year for an article but were edited ahead of publication. The style of the writing in the document uploaded to the Pastebin website is on par with that of Hammond’s, and a source close to the case who asked to remain anonymous confirmed the authenticity of the excerpt to RT early Thursday.
"In view of NYT's reporting, we would like to add some additional context to this statement," the excerpts areprefaced.
“Sabu is not the real issue,” Hammond reportedly wrote. “What is important is how the FBI used him, and how they may still be using other hacktivists to gather intelligence and illegally break into websites without oversight, accountability or reprisal.”
“In my case, the FBI used Sabu to infiltrate and monitor hundreds of public and private hacker chatrooms where he was able to gain influence within Anonymous by claiming responsibility for hacks carried out by others, bragging to the media with hyperbolic quotes, accusing others of being sellouts and snitches and encouraging hacks into government and corporate websites,” it continued. “He enabled hackers and facilitated hacks by supplying several servers for storage of hacked emails and databases, cracking encrypted password lists, suggesting specific targets and offering step-by-step technical advice to people as they were breaking into systems. Impressionable and less experiences hackers, eager to please a visible Anonymous ‘leader’ would send him their half-finished vulnerability findings; Sabu would then pass this information along to skilled hackers to finish the job.”
Practically at the same time that Hammond’s alleged statement surfaced on Thursday, the online digital libraryCryptome.org published a 94-page collection of court documents that seem to further show the extent of the FBI’s role in coercing Anonymous with the help of their undercover informant. [Notice: Upon initial publishing of this article, RT became aware that these documents were made available by the court on the PACER website on April 16.However, they were not reported on until now]
Included in that trove are letters to Judge Preska allegedly authorized by Hammond’s legal counsel, as well as dozens of pages of internet chat transcripts between web accounts purportedly registered to their client and the FBI’s informant. In one document, dated November 1, 2013, attorney Susan Kellman acknowledged that discovery in the case “further reveals that while cooperating with the government, Mr. Monsegur challenged Mr. Hammond to access many international government websites and servers.”
“Over the course of numerous chat logs, Mr. Monsegur, presumably under government direction, repeatedly asked Mr. Hammond to provide passwords or root backdoor information to access these sites,” Kellman continued.
“In some cases,” the attorney added, “…it appears as though the United States government was actively facilitating the hacking of foreign government websites.”
Also within the leaked cache is one document, a “discovery timeline pertaining to hacks of foreign websites,” in which the defense outlined no fewer than 26 times in which Monsegur supplied Hammond with information about those targets or provided assistance between January 23, 2012 and February 15.
Elsewhere, chat logs between the two hackers and sometimes other associates corroborated the defense’s claims. In one, for instance, Monsegur boasted that he helped other hackers “step by step into getting into the mail server” of a target. In another, he instructed Hammond to have other hackers “backdoor urls” of targeted sites, essentially providing unfettered access to anyone aware of the exploit — and, in this instance, the US government.
In the previously unpublished statement attributed to Hammond that surfaced this week, he wrote that “Manipulating hackers to break into international websites to steal emails and databases is a previously undisclosed aspect of the wide-ranging cyber and surveillance operations being carried out by the NSA and other agencies.” Indeed, a review group assembled by President Barack Obama said in December that the National Security Agency and other government organization must refrain from stockpiling so-called “zero day” exploits that, when executed, allow attackers to take advantage of vulnerabilities that have yet to be acknowledged, let alone patched.
“The single biggest problem in computational ethics right now is the perverse market incentives provided to software exploit developers,” Andrew Auernheimer, a formerly-convicted security hacker who was released from prison earlier this month, told RT on Thursday. Auernheimer, 28, was prosecuted by the federal government after disclosing a security flaw in the servers of AT&T’s computers that allowed him to access the email address of roughly 114,000 Apple iPad owners. He was found guilty by jury of computer fraud in late 2012, but last month his conviction wasvacated by the Third Circuit Court of Appeals.
Since his release, Auernheimer — who is not affiliated with Anonymous — has said he plans on starting a hedge fund in order to further support endeavors that will help publicize flaws discovered on the systems of publically-traded companies. As evidenced by the newly released Hammond documents, however, exploits are hard to get a hold of unless you’re a either a well-funded government willing to write a check to ethically-bankrupt security experts or, in this case, coaxing hackers into doing the dirty work for you.
“The only way to make money is to sell them to government agencies and In-Q-Tel investments,” Auernheimer told journalist Andrew Blake for RT on Thursday, referring to the venture capital fund that was launched with the aid of Central Intelligence Agency backing.
According to the just-surfaced statement from Hammond, the former Anonymous hacktivist believes it’s high time that those governments change ways as well.
“The government hopes that my conviction will legitimize the abusive tactics and illegal objectives it sponsors,” he said, according to the document. “I took responsibility for my actions, now it is time for the government to answer for its own crimes.”
When reached by phone on Thursday afternoon, a person at the law office that represented Hammond during his trial said his counsel would “absolutely not” verify the authenticity of the leaked documents. A protective order filed in May 2012 — and amended after the defense was provided with the discovery documents leaked this week — prohibits sharing of those files.
Monsegur is next scheduled to be sentenced May 8 in New York, although his attorneys have requested and receivedadjournments no fewer than half-a-dozen times during the last two years. In each instance, Judge Preska agreed to postpone his sentencing on account of ongoing cooperation with federal investigators.
What are they doing now? If back then, they were assisting Anonymous, providing lists of vulnerable targets and coordinating hack work-flow.
You are surprised? I would hope not. In the big leagues they play for keeps ... winner takes ALL the marbles, every time. Hammond and Monsegur are to be commended for continuing to breathe this long.
If you are surprised by what happened or shocked at its boldness, you probably don't belong on this website. Either get used to this level of behavior or, with our blessings, rejoin the flock.
THIS is why I steer clear of any organized militia or other non-FTF encounters with like-minded individuals. I do not coordinate anything with anyone I have not known FTF for at least two years ... and that's a VERY short list because I will know you for that long before even hinting at how I actually view things. It makes building a network impossibly slow, but it also reduces the amount of exposure I have. I don't want to end up like Hammond ... I don't want to do business with a Monsegur.
Where there is one, there are others.
One thing I would ask Anonymous: why is Monsegur still where the FBI can find him? What you do is unique and worthwhile. If you want to continue doing what you do, you can't let the TLA agencies recycle a source. If Monsegur did to the KGB, Mossad (or even the FBI) what he did to you, do you think he'd be able to do it again? Don't play games with this. Face what needs to be done and do it. Be quick about it.
You are compromised. You need to purge and re-vet. Don't bitch about it, don't appoint a committee to study it. Just get it done.
Did the final paragraph use Monsegur's name by accident? It would seem that the name "Hammond" should have begun that conclusion.
<Legal Disclaimer> Please note that I am not suggesting that any individual or organization engage in violence or other violation of the law directed toward any individual human being or toward any organization. How others take care of their business is their business and I urge all to comport themselves within legal boundaries. </Legal Disclaimer>