Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Alleged LulzSec Spokesman Arrested In Scotland

British police arrest 18-year-old on hacking charges as part of ongoing investigation into Anonymous and LulzSec.

Police in Britain have arrested an 18-year old man on hacking charges, alleging that he's Topiary, the Twitter-savvy spokesman for the LulzSec hacking group.

According to a statement released on Wednesday by Britain's Metropolitan Police Service, the arrested man "is believed to be linked to a continuing international investigation into the criminal activity of the so-called 'hacktivist' groups Anonymous and LulzSec, and allegedly uses the online nickname 'Topiary' which is presented as the spokesperson for the groups."

The man, who hasn't been named by authorities, was arrested at a residence in the Shetland Islands in a joint operation involving the United Kingdom's Police Central e-Crime Unit, the Scottish Crime and Drug Enforcement Agency, and the Lincolnshire Constabulary. The Shetlands, located off of the northeast coast of Scotland and comprising about 100 islands--only 16 of which are inhabited--are better known for their wildlife, rather than wild lulz.

Interestingly, all of the posts to Topiary's Twitter feed have been deleted, save one, stating: "You cannot arrest an idea." That post was made on July 22, in response to the FBI's arrest of 14 people, on July 21, on charges that they participated in Anonymous attacks.

On Wednesday, the alleged Topiary was being transported to a police station in London for questioning, and police were searching his residence. Also on Wednesday, as part of the investigation, an unnamed 17-year-old boy was being questioned--he wasn't arrested--and his residence searched by police in Lincolnshire, in eastern England.

Previous, albeit anonymous allegations, suggested Topiary might be a man based in Sweden. Given the arrest in Scotland, chat boards predictably lit up with discussions about whether British police had been duped by LulzSec into arresting the wrong person.

As part of their investigation into distributed denial of service (DDoS) attacks launched under the Anonymous and LulzSec banners, British police had previously arrested two other people. The first was Ryan Cleary, 19, who allegedly ran servers hosting LulzSec chat rooms and launched DDoS attacks against the British Phonographic Industry's website.

Cleary has been remanded in custody, and is due to appear in court late next month. Meanwhile, a 16-year-old boy, unnamed, was earlier arrested and is currently on bail, "to return in late August pending further inquiries," according to police.

LulzSec became famous for its 50-day hacking spree, in which it compromised numerous websites, including those belonging to Sony and the U.S. Senate. Then the group called it quits, urging its admirers to focus their efforts on AntiSec, a joint operation it launched with Anonymous (from which LulzSec had sprung).

Still, LulzSec has remained current. Last week, Sabu, the supposed leader of LulzSec, said via Twitter that his group had obtained a gigabyte of data from NATO, most of which it wouldn't release, as well as numerous emails relating to News International, which it was set to release. In addition, the group planted a false story on the homepage of the Sun and The Times of London newspapers--both owned by Rupert Murdoch, head of News International--saying that Murdoch had died, before redirecting website viewers to the LulzSec Twitter feed.

News International has faced heavy criticism after it emerged that Murdoch's News of the World newspaper paid private investigators to hack into the voice mail of at least several thousand people, and also paid police officials to obtain information. Those revelations have caused a scandal in Britain, and triggered a police investigation that has led to at least 10 arrests.

The scandal has seen News International executives, including Murdoch, face sharp questioning by members of the U.K. parliament, and recently led to the resignation of the head of the Metropolitan Police Service, Paul Stephenson.

Read our report on how to guard your systems from a SQL attack. Download the report now. (Free registration required.)

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Introducing 'Secure Access Service Edge'
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  7/3/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5607
PUBLISHED: 2020-07-10
Open redirect vulnerability in SHIRASAGI v1.13.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2020-15001
PUBLISHED: 2020-07-09
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked when u...
CVE-2020-15092
PUBLISHED: 2020-07-09
In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Most T...
CVE-2020-15093
PUBLISHED: 2020-07-09
The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A ...
CVE-2020-15299
PUBLISHED: 2020-07-09
A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin through 2.9.4 for WordPress allows remote attackers to trick a victim into submitting an install_online_preset AJAX request containing base64-encoded JavaScript (in the kc-online-preset-data POST parameter) that is execu...