Australian police have arrested a man they say is a high-ranking member of the international hacking collective Lulz Security on a charge of attacking and defacing a government Web site, officials said yesterday.
The 24-year-old senior information technology worker, whose name was not released, was arrested on Tuesday night at his Sydney office, the Australian Federal Police (AFP) said. The man, who police say claimed to lead the group in Australia, was charged with two counts of unauthorized modification of data to cause impairment and one count of unauthorized access to, or modification of, restricted data. If convicted, he could face up to 12 years in jail.
Lulz Security, or LulzSec, is an offshoot of the hacking group Anonymous. LulzSec was formed in 2011 and quickly grabbed headlines after claiming responsibility for a series of high-profile cyberattacks against the CIA, Sony Pictures, the US Public Broadcasting Service and Britain’s Serious Organised Crime Agency.
Several members of the group have been arrested in recent years, including its reputed leader, known as Sabu. Sabu turned out to be FBI informant Hector Xavier Monsegur, who federal officials said helped them build a case against several other hackers. Two weeks ago, British LulzSec hacker Ryan Ackroyd pleaded guilty to several cyberattacks.
Australian Federal Police Superintendent Brad Marden said the man arrested on Tuesday hacked into an Australian government Web site and defaced it earlier this month. Marden would not say which Web site was attacked, but said it did not belong to a federal agency.
Australian police do not believe any sensitive data stored on the site was accessed in the attack and do not believe anyone else was involved in the hack.
The man, who is from Gosford, about 80km north of Sydney, claimed to be the Australian leader of LulzSec, Australian Federal Police Commander Glen McEwen said. However, Anonymous Australia appeared to laugh off those claims on Twitter. In response to a follower asking if anyone knew who the man was, the group tweeted: “Nope not part of the usual suspects on any of our chains of communication.”
Australian police began investigating the man two weeks ago after they discovered the government Web site had been hacked.
“This individual was operating from a position of trust, who had access to sensitive information from clients including government agencies,” McEwen said. “The AFP believes this man’s skill sets and access to this type of information presented a considerable risk for Australian society.”
The man was released on bail and ordered to appear in court next month.