Tal Be'ery, our lead web researcher, put together a full profile of Lulzsec based on our own work plus some publicly available information:
- Lulzsec seems to be a spinoff of a group of hackers from the "Anonymous" organization.
- They hacked HBGary and Gawker under the Anonymous umbrella, but then decided to create their own 'gig'. Why? Probably to be independent.
- The supporting evidence for this is that the same nicks are used in both Anonymous hacking-related discussions (early 2011) and Lulzsec ones (mid 2011).
- They communicate mainly via private IRC channels – and publish via Twitter and Pastebin.
- They mostly use Web application vulnerabilities, as they used SQLi for the PBS hack and (one of) the Sony hacks.
- They also use an automated tool called Havij to harvest databases, as we can see from the leaked PBS hack screenshots.
- Main Members:
  - Sabu – HBGary hacker. Seems to be the leader.
  - Nakomis – Coder, rumored to be one of the phpBB coders.
  - Topiary – Finance – handles donations and payment for services (e.g., botnets).
  - Tflow – Hacker. Rumored.
  - Kayla – Hacker. Owns a big botnet.
  - Joepie91 – Website admin.
  - Barrett Brown – Spokesperson (NOTE: Mr. Brown has said he isn't a member).
  - Avunit
From the discussion, it seems they would be exposed and probably arrested very soon (if they haven't been already) – as many "real world" details of their identities get revealed.
Some interesting reading:
- http://www.techunlimitedusa.com/2011/06/18/lulzsec-member-profiles/
- http://th3j35t3r.wordpress.com/
- http://www.infosecwreck.com/lulzsec-group-members-named
- http://pastebin.com/FSgLga0d
