Connect with us

Hi, what are you looking for?



Government Seeks Leniency For LulzSec Hacker Sabu

In a motion submitted on Friday to the United States District Court in the Southern District of New York, the government recommended that Hector Xavier Monsegur, a.k.a. the hacker “Sabu,” have his sentence greatly reduced as a result of his cooperation with authorities.

In a motion submitted on Friday to the United States District Court in the Southern District of New York, the government recommended that Hector Xavier Monsegur, a.k.a. the hacker “Sabu,” have his sentence greatly reduced as a result of his cooperation with authorities.

While Monsegur could technically be put behind bars for between 21 to 26 years for his crimes, prosecutors said Monsegur was an “extremely valuable and productive cooperator” and are seeking leniency for the former hacker group leader.

According to Court documents (PDF), Monsegur directly participated in cyberattacks against HB Gary, Fox Television, the Tribune Company, PBS, Sony Pictures, Sony BMG websites in Russia, Belgium and the Netherlands, Nintendo and the United States Senate.

Just last month, the New York Times reported that Monsegur had directed hundreds of cyber attacks against the websites of foreign governments, including Brazil, Iran, Pakistan, Syria and Turkey.

After being arrested on June 7, 2011, Monsegur admitted being a hacker and “immediately” agreed to start working with authorities as an informant. Monsegur showed agents files stored on his computer and provided them with actionable information, the court documents said.

He was charged with identity theft and credit card fraud the next day but was then released on bail and continued to assist the government with cybercrime-related investigations.

In August 2011, Monsegur pleaded guilty to nine counts related to computer hacking, one count of aggravated identity theft, one count of conspiracy to commit bank fraud, and one count related to payment card fraud. He was supposed to be sentenced in August 2012, but the decision has been postponed seven times because of his ongoing collaboration with the government.

Advertisement. Scroll to continue reading.

What the public didn’t know up until now was that on May 24, 2012, the hacker’s bail was revoked for unauthorized online postings. He was locked up for around seven months, until December 18, 2012. 

“Probation recommends a sentence of time served. As set forth in more detail below, Monsegur was an extremely valuable and productive cooperator,” reads the motion submitted by the government to Judge Loretta A. Preska.

Prosecutors want Sabu to be sentenced to time served for several reasons, including the fact that he admitted his guilt even before he was charged with anything.

“Monsegur admitted both to prior criminal conduct about which the Government had not developed evidence, as well as his role in both Internet Feds and LulzSec. Monsegur subsequently and timely provided crucial, detailed information regarding computer intrusions committed by these groups, including how the attacks occurred,” reveals the court document, parts of which have been sealed to protect the identities of certain victims.

Monsegur has helped authorities identify, prosecute and convict Ryan Ackroyd (Kayla), Jake Davis (Topiary), Mustafa Al-Bassam (T-Flow), Darren Martyn (pwnsauce), Jeremy Hammond (Anarchaos), Ryan Cleary, Donncha O’Cearrbhail (palladium), and even former Reuters journalist Matthew Keys.

It’s worth noting that Hammond, who was sentenced to 10 years in prison for his role in the Stratfor hack, was named the FBI’s most wanted cybercriminal in the world at the time of his arrest.

Sabu was reportedly prepared to testify against each of these people, but it wasn’t necessary because with the exception of Keys, who is awaiting trial, they all pleaded guilty to the charges brought against them.

In addition to helping investigators track down members of the LulzSec hacker group, Monsegur helped law enforcement in preventing cyberattacks. 

According to FBI estimates, Monsegur helped the agency disrupt or prevent at least 300 separate cyber attacks.

The FBI relocated Monsegur and some members of his family due to the threats he received.

“Monsegur repeatedly was approached on the street and threatened or menaced about his cooperation once it became publicly known. Monsegur was also harassed by individuals who incorrectly concluded that he participated in the Government’s prosecution of the operators of the Silk Road website,” prosecutors noted.

Monsegur is scheduled to be sentenced on May 27, 2014. 

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...