June 19, 2011

Lulzsec Profile: Who Are They?

Tal Be'ery, our lead web researcher put together a full profile of Lulzsec based our own work plus some information that is publicly available:  

  • Lulzsec seems to be a spinoff of a group of hackers  from the "anonymous" organization.
  • They hacked HBgary and gawker – under the anonymous group umbrella but then decided to create their own 'gig'. Why? Probably to be independent.
  • The supporting evidence for is that the same nicks are used on both anonymous hacking related discussions (early 2011) and lulzsec (mid 2011).
  • They communicate mainly via private IRC channels – and publish via twitter and pastebin.
  • They mostly use Web application vulnerabilities as they used SQLi for PBS and (one of) Sony hacks.
  • They also use automated tools to harvest databass called Havij, as we can see from the leaked PBS hack screenshots.
  • Main Members:
    • Sabu – HBgary hacker. Seems to be the leader.
    • Nakomis – Coder, rumored to be one of PHPBB coders.
    • Topiary – Finance – handles donations and payment for services (e.g., botnets)
    • Tflow – Hacker. Rumored.
    • Kayla – Hacker. Owns a big botnet.
    • Joepie91 – Website admin.
    • Barrett Brown – Spokesperson (NOTE:  Mr. Brown has said he isn't a member).
    • Avunit 

From the discussion I'd seems they would be exposed and probably arrested very soon (if they hadn't already)  – as many "real world" details on their identity get revealed.

Some interesting reading:


Authors & Topics:

Share on LinkedIn


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.