US seeks leniency for 'Sabu,' Lulzsec leader-turned-snitch

Prosecutors contend the seven months time he has served is enough for Hector Xavier Monsegur

U.S. prosecutors say a hacking group's mastermind should be spared a long prison sentence due to his quick and fruitful cooperation with law enforcement.

The man, Hector Xavier Monsegur of New York, is accused of leading a gang of international miscreants calling themselves "Lulzsec," short for Lulz Security, on a noisy hacking spree in 2011, striking companies such as HBGary, Fox Entertainment and Sony Pictures.

Lulzsec, an offshoot of Anonymous, led a high-profile campaign that taunted law enforcement, released stolen data publicly and bragged of their exploits on Twitter. Their campaign touched off a worldwide law enforcement action that resulted in more than a dozen arrests.

Monsegur, known as "Sabu," was secretly arrested by the FBI around June 2011. He pleaded guilty in August that year to a 12-count indictment outlining various fraud and hacking charges. He agreed to work with investigators, which resulted in several more arrests.

In a filing on Friday, U.S. Attorney Preet Bharara wrote that Monsegur should only be sentenced to the seven months he has already served. He could face between 21 and 26 years in prison.

"Monsegur was an extremely valuable and productive cooperator," Bharara wrote.

After FBI agents went to Monsegur's home around June 7, 2011, he allegedly admitted to criminal conduct and immediately agreed to cooperate with law enforcement, according to the filing.

"That night, Monsegur reviewed his computer files with FBI agents and provided actionable information to law enforcement," it said.

In May 2012, Monsegur got in trouble after making "unauthorized online postings," and his bail was revoked. But he was released on a revised bail package in December 2012 and has remained free since, the filing said.

Monsegur's cooperation lead to the arrest of Jeremy Hammond, who at one time was the number one cybercriminal target. Hammond, of Chicago, was sentenced to 10 years in prison in November 2013 after pleading guilty to one count of conspiracy to engage in computer hacking. He also agreed to pay US$2.5 million in restitution.

Hammond admitted to participating in more than a half dozen attacks perpetrated in 2010 and 2011 by Anonymous and affiliated groups, according to the U.S. Attorney for the Southern District of New York. All told, information supplied by Monsegur led to the arrest of seven other major figures, the filing said.

Send news tips and comments to Follow me on Twitter: @jeremy_kirk

Join the CSO newsletter!

Error: Please check your email address.

Tags U.S. Department of JusticeCriminalsecuritylegalcybercrime

More about FBISony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place