THE FEDERAL BUREAU OF INVESTIGATION (FBI) has arrested two men associated with hacktivist groups Lulzsec and Anonymous for their alleged involvement in attacks against Sony Pictures Entertainment and other organizations. Computer damage charges have also been filed against a third suspect.
Cody Kretsinger, 23, from Phoenix, Arizona was arrested based on a nine-page indictment returned earlier this month by a federal grand jury in Los Angeles. He is charged with conspiracy to impair and unauthorized impairment of a protected computer.
The charges are in connection with a May attack against Sony Pictures Entertainment allegedly conducted by Anonymous-affiliated hacking outfit Lulz Security, or Lulzsec.
Authorities believe that Kretsinger was a Lulzsec member with the moniker "recursion". The indictment claims that he used a hacking technique known as SQL injection to break into the Sony Pictures Entertainment website and access confidential customer information.
Following the attack, sensitive data was extracted from the company's server and published online. The full extent of the damage resulting from the breach is still being investigated.
The FBI managed to identify Kretsinger using VPN logs from web proxy provider Hidemyass.com, which was used by the hacker to scan for SQL injection vulnerabilities.
The indictment notes that Kretsinger tried to cover his tracks by wiping clean his computer's hard drive, but clearly this wasn't enough. "When you're running this kind of operation for a long time, especially with not very concrete plans, you're bound to make mistakes," says Tal Be'ery, web research team leader at security firm Imperva.
Kretsinger appeared in court yesterday for the first time. If found guilty of all charges he faces a maximum sentence of 15 years in US federal prison.
Meanwhile, Fox News reports that agents from the FBI's Los Angeles office arrested a homeless hacker in San Francisco. The man could be Christopher Doyon, 47, of Mountain View, California who, together with one Joshua Covelli, 26, of Fairborn, Ohio is the target of a separate indictment.
The two are believed to be members of a different Anonymous-affiliated hacking group called People's Liberation Front, and are accused of participating in a 2010 distributed denial of service attack against Santa Cruz County computers.
Doyon and Covelli are charged with conspiracy to cause intentional damage to a protected computer, causing intentional damage to a protected computer and aiding and abetting.
This law enforcement action against Anonymous and its supporters follows the July arrest of sixteen individuals in the US who were believed to have been involved in attacks orchestrated by the hacktivist collective. Additional arrests targeting members of the group were also made in the UK and other European countries. µ