NEW YORK — The shadowy underworld of Internet hackers was rocked by news Tuesday that one of the world’s most-wanted and most-feared computer vandals has been an FBI informant for months and helped authorities build a case against five alleged comrades.
The FBI said it captured the legendary hacker known as “Sabu” last June, and he turned out to be Hector Xavier Monsegur, 28, a self-taught, unemployed computer programmer with no college education, living on welfare in public housing in New York.
His exploits made him a hero to some in cyberspace until he made a rookie mistake — he posted something online without cloaking his IP address, or computer identity — and someone tipped off the FBI.
Soon after his arrest, he pleaded guilty and began spilling secrets, leading to charges Tuesday against five people in Europe and the U.S., including a Chicago man, and preventing more than 300 attacks along the way, authorities said.
Law enforcement officials said it marked the first time core members of the loosely organized worldwide hacking group Anonymous have been identified and charged in the U.S.
Investigators said Monsegur and the other defendants were all associated with the group, and some were also part of the elite spinoff organization that Monsegur formed last May, Lulz Security or LulzSec. “Lulz” is Internet slang for “laughs” or “amusement.”
Monsegur and the other defendants were accused in court papers of hacking into corporations and government agencies around the world, including the U.S. Senate, filching confidential information, defacing websites and temporarily putting victims out of business. Authorities said their crimes affected more than 1 million people.
Prosecutors said that among other things, the hackers, with Monsegur as their ringleader, disrupted websites belonging to Visa, Mastercard and Paypal in 2010 and 2011 because the companies refused to accept donations to Wikileaks, the organization that spilled a trove of U.S. military and diplomatic secrets.
Also, prosecutors said, Monsegur and the others attacked a PBS website last May and planted a false story that slain rapper Tupac Shakur was alive in New Zealand. Investigators said it was retaliation for what the hackers perceived to be unfavorable news coverage of Wikileaks on the PBS program “Frontline.”
But it was the arrest of Monsegur that sent shockwaves through the Anonymous movement, where many described him as a leader and one of the collective’s most skilled hackers.
Some Anonymous members put on a brave face.
“Anonymous is a hydra, cut off one head and we grow two back,” read one defiant message posted to Twitter.
But the atmosphere in one of the group’s chat rooms had an edge of panic. One Anonymous supporter discussed cleaning the group’s hard drive. Another warned that if Sabu is cooperating, then “we are all going to have the FBI at are (sic) door.”
A Twitter account associated with Monsegur has some 45,000 followers and regularly spouts expletive-filled anti-government messages. His last tweet on Monday was in German and described the federal government as being run by “cowards.” It was apparently aimed at concealing his role as an informant.
“Don’t give in to these people,” the message read. “Fight back. Stay strong.”
Monsegur pleaded guilty in August to charges that included conspiracy to commit hacking, admitting he obtained dozens of credit card numbers online and gave them to others or used them to pay his bills.
His deal with prosecutors requires his full cooperation and testimony at any trial. In return, he gets leniency from a potential prison sentence of more than 120 years. He is free on $50,000 bail.
Also charged with conspiracy to commit computer hacking were Ryan Ackroyd, 23, of Doncaster, England; Jake Davis, 29, of Lerwick, Scotland; Darren Martyn, 25, of Galway, Ireland; Donncha O’Cearrbhail, 19, of Birr, Ireland; and Jeremy Hammond, 27, of Chicago. The Europeans were previously arrested in separate hacking cases, though two of them were re-arrested on Tuesday.
Hammond, who was arrested Monday, appeared before a federal judge in Chicago and was ordered transferred to New York. Hammond was charged with crimes related to the hacking in December of Strategic Forecasting Inc., a global intelligence firm in Austin, Texas, that affected up to 860,000 victims.
In July, when LulzSec’s attacks were grabbing world headlines, someone alleged that Sabu was Monsegur and posted personal details about him on the Internet. Sabu took to Twitter to deny it.
Barrett Brown, a former journalist who became closely associated with Anonymous, said Sabu’s cooperation with the FBI could do serious damage to Anonymous.
“He was an admired Anon,” he said. “He’s been a leader. People came to him with information. God knows what else he told them.”
Associated Press writer Satter reported from London. Also contributing were Associated Press writers Colleen Long and David B. Caruso in New York and Michael Tarm in Chicago.