Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Alleged LulzSec Spokesman Arrested In Scotland

British police arrest 18-year-old on hacking charges as part of ongoing investigation into Anonymous and LulzSec.

Police in Britain have arrested an 18-year old man on hacking charges, alleging that he's Topiary, the Twitter-savvy spokesman for the LulzSec hacking group.

According to a statement released on Wednesday by Britain's Metropolitan Police Service, the arrested man "is believed to be linked to a continuing international investigation into the criminal activity of the so-called 'hacktivist' groups Anonymous and LulzSec, and allegedly uses the online nickname 'Topiary' which is presented as the spokesperson for the groups."

The man, who hasn't been named by authorities, was arrested at a residence in the Shetland Islands in a joint operation involving the United Kingdom's Police Central e-Crime Unit, the Scottish Crime and Drug Enforcement Agency, and the Lincolnshire Constabulary. The Shetlands, located off of the northeast coast of Scotland and comprising about 100 islands--only 16 of which are inhabited--are better known for their wildlife, rather than wild lulz.

Interestingly, all of the posts to Topiary's Twitter feed have been deleted, save one, stating: "You cannot arrest an idea." That post was made on July 22, in response to the FBI's arrest of 14 people, on July 21, on charges that they participated in Anonymous attacks.

On Wednesday, the alleged Topiary was being transported to a police station in London for questioning, and police were searching his residence. Also on Wednesday, as part of the investigation, an unnamed 17-year-old boy was being questioned--he wasn't arrested--and his residence searched by police in Lincolnshire, in eastern England.

Previous, albeit anonymous allegations, suggested Topiary might be a man based in Sweden. Given the arrest in Scotland, chat boards predictably lit up with discussions about whether British police had been duped by LulzSec into arresting the wrong person.

As part of their investigation into distributed denial of service (DDoS) attacks launched under the Anonymous and LulzSec banners, British police had previously arrested two other people. The first was Ryan Cleary, 19, who allegedly ran servers hosting LulzSec chat rooms and launched DDoS attacks against the British Phonographic Industry's website.

Cleary has been remanded in custody, and is due to appear in court late next month. Meanwhile, a 16-year-old boy, unnamed, was earlier arrested and is currently on bail, "to return in late August pending further inquiries," according to police.

LulzSec became famous for its 50-day hacking spree, in which it compromised numerous websites, including those belonging to Sony and the U.S. Senate. Then the group called it quits, urging its admirers to focus their efforts on AntiSec, a joint operation it launched with Anonymous (from which LulzSec had sprung).

Still, LulzSec has remained current. Last week, Sabu, the supposed leader of LulzSec, said via Twitter that his group had obtained a gigabyte of data from NATO, most of which it wouldn't release, as well as numerous emails relating to News International, which it was set to release. In addition, the group planted a false story on the homepage of the Sun and The Times of London newspapers--both owned by Rupert Murdoch, head of News International--saying that Murdoch had died, before redirecting website viewers to the LulzSec Twitter feed.

News International has faced heavy criticism after it emerged that Murdoch's News of the World newspaper paid private investigators to hack into the voice mail of at least several thousand people, and also paid police officials to obtain information. Those revelations have caused a scandal in Britain, and triggered a police investigation that has led to at least 10 arrests.

The scandal has seen News International executives, including Murdoch, face sharp questioning by members of the U.K. parliament, and recently led to the resignation of the head of the Metropolitan Police Service, Paul Stephenson.

Read our report on how to guard your systems from a SQL attack. Download the report now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...