Yesterday, Cody Kretsinger, a 23-year-old from Phoenix, Arizona was arrested and charged with conspiracy and the unauthorized impairment of a protected computer, according a federal indictment.
How did the Feds track down the alleged LulzSec member? It turns out that a VPN service reportedly used to mask his online identify and location was the one who handed over data to the FBI.
According to the federal indictment (embedded below), Kretsinger registered for a VPN account at HideMyAss.Com under the user name “recursion”. Following that, the indictment said that Kretsinger and other unknown conspirators conducted SQL injection attacks against Sony Pictures in attempt to extract confidential data.
According to a blog post from HideMyAss, they realized that LulzSec members had been utilizing its service after seeing leaked IRC chat logs. The company said it took no action after discovering the hackers had been using its services to hide, saying, there was no evidence to suggest wrongdoing and nothing to identify which accounts they were using.
“At a later date it came as no surprise to have received a court order asking for information relating to an account associated with some or all of the above cases,” they wrote in the post this morning. “As stated in our terms of service and privacy policy our service is not to be used for illegal activity, and as a legitimate company we will cooperate with law enforcement if we receive a court order (equivalent of a subpoena in the US).”
The blog post, titled “Lulzsec fiasco” also added the following: “Our VPN service and VPN services in general are not designed to be used to commit illegal activity. It is very naive to think that by paying a subscription fee to a VPN service you are free to break the law without any consequences. This includes certain hardcore privacy services which claim you will never be identified, these types of services that do not cooperate are more likely to have their entire VPN network monitored and tapped by law enforcement, thus affecting all legitimate customers.”
You can be sure that HideMyAss is not the only provider to be hit with subpoenas and essentially being forced to hand over user data. It’s likely the FBI and other officials are digging deep and requesting similar information from other VPN providers and online services such as Pastebin, Twitter, and other tools and web services commonly used by hackers.
Full indictment is below:
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
More from Mike Lennon
- Watch on Demand: Supply Chain & Third-Party Risk Summit Sessions
- Virtual Event Today: Supply Chain & Third-Party Risk Summit
- Ferrari Says Ransomware Attack Exposed Customer Data
- Webinar Today: How to Build Resilience Against Emerging Cyber Threats
- Make Your Picks: Cyber Madness Bracket Challenge Starts Today
- Cyber Madness Bracket Challenge – Register to Play
- Watch Sessions: Ransomware Resilience & Recovery Summit
- Webinar Today: Entering the Cloud Native Security Era
Latest News
- US Charges 20-Year-Old Head of Hacker Site BreachForums
- Tesla Hacked Twice at Pwn2Own Exploit Contest
- CISA Ships ‘Untitled Goose Tool’ to Hunt for Microsoft Azure Cloud Infections
- Critical WooCommerce Payments Vulnerability Leads to Site Takeover
- PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw
- CISA Gets Proactive With New Pre-Ransomware Alerts
- Watch on Demand: Supply Chain & Third-Party Risk Summit Sessions
- TikTok CEO Grilled by Skeptical Lawmakers on Safety, Content
