In a motion submitted on Friday to the United States District Court in the Southern District of New York, the government recommended that Hector Xavier Monsegur, a.k.a. the hacker “Sabu,” have his sentence greatly reduced as a result of his cooperation with authorities.
While Monsegur could technically be put behind bars for between 21 to 26 years for his crimes, prosecutors said Monsegur was an “extremely valuable and productive cooperator” and are seeking leniency for the former hacker group leader.
According to Court documents (PDF), Monsegur directly participated in cyberattacks against HB Gary, Fox Television, the Tribune Company, PBS, Sony Pictures, Sony BMG websites in Russia, Belgium and the Netherlands, Nintendo and the United States Senate.
Just last month, the New York Times reported that Monsegur had directed hundreds of cyber attacks against the websites of foreign governments, including Brazil, Iran, Pakistan, Syria and Turkey.
After being arrested on June 7, 2011, Monsegur admitted being a hacker and “immediately” agreed to start working with authorities as an informant. Monsegur showed agents files stored on his computer and provided them with actionable information, the court documents said.
He was charged with identity theft and credit card fraud the next day but was then released on bail and continued to assist the government with cybercrime-related investigations.
In August 2011, Monsegur pleaded guilty to nine counts related to computer hacking, one count of aggravated identity theft, one count of conspiracy to commit bank fraud, and one count related to payment card fraud. He was supposed to be sentenced in August 2012, but the decision has been postponed seven times because of his ongoing collaboration with the government.
What the public didn’t know up until now was that on May 24, 2012, the hacker’s bail was revoked for unauthorized online postings. He was locked up for around seven months, until December 18, 2012.
“Probation recommends a sentence of time served. As set forth in more detail below, Monsegur was an extremely valuable and productive cooperator,” reads the motion submitted by the government to Judge Loretta A. Preska.
Prosecutors want Sabu to be sentenced to time served for several reasons, including the fact that he admitted his guilt even before he was charged with anything.
“Monsegur admitted both to prior criminal conduct about which the Government had not developed evidence, as well as his role in both Internet Feds and LulzSec. Monsegur subsequently and timely provided crucial, detailed information regarding computer intrusions committed by these groups, including how the attacks occurred,” reveals the court document, parts of which have been sealed to protect the identities of certain victims.
Monsegur has helped authorities identify, prosecute and convict Ryan Ackroyd (Kayla), Jake Davis (Topiary), Mustafa Al-Bassam (T-Flow), Darren Martyn (pwnsauce), Jeremy Hammond (Anarchaos), Ryan Cleary, Donncha O’Cearrbhail (palladium), and even former Reuters journalist Matthew Keys.
It’s worth noting that Hammond, who was sentenced to 10 years in prison for his role in the Stratfor hack, was named the FBI’s most wanted cybercriminal in the world at the time of his arrest.
Sabu was reportedly prepared to testify against each of these people, but it wasn’t necessary because with the exception of Keys, who is awaiting trial, they all pleaded guilty to the charges brought against them.
In addition to helping investigators track down members of the LulzSec hacker group, Monsegur helped law enforcement in preventing cyberattacks.
According to FBI estimates, Monsegur helped the agency disrupt or prevent at least 300 separate cyber attacks.
The FBI relocated Monsegur and some members of his family due to the threats he received.
“Monsegur repeatedly was approached on the street and threatened or menaced about his cooperation once it became publicly known. Monsegur was also harassed by individuals who incorrectly concluded that he participated in the Government’s prosecution of the operators of the Silk Road website,” prosecutors noted.
Monsegur is scheduled to be sentenced on May 27, 2014.