Slashdot Mirror


The Hunt For LulzSec's Missing Sixth Member

DavidGilbert99 writes "LulzSec's star burnt brightly in the short period it was active, but things quickly turned sour when its core members began getting arrested. Last week three of the six core members were sentenced in the UK, but this only served to highlight the fact that one member of the group, known as Avunit, has been able to remain unidentified despite the FBI having turned the group's leader Sabu into an informant. Who is Avunit? And does he hold the purse strings of the group's Bitcoin wallet which could have up to $180,000 in it?" As usual, be warned of the horrendous autoplaying video ads surrounding good content at the primary link.

  1. I'm.... by maroberts · · Score: 5, Funny

    Spartacus^H^H Avunit

    --

    Donte Alistair Anderson Roberts - hi son!
    Karma: Chameleon

  2. Why link to junk? by ozmanjusri · · Score: 5, Informative

    If IBTimes wants to piss people off with autoplay videos, why link to them?

    Here's El Reg's version of the same story:

    http://www.theregister.co.uk/2013/05/17/lulzsec_analysis/

    --
    "I've got more toys than Teruhisa Kitahara."
    1. Re:Why link to junk? by cffrost · · Score: 2

      [...] autoplay videos [...]

      Your computer is broken.

      --
      Thank you, Edward Snowden.

      "Arguments from authority are worthless." —Carl Sagan
    2. Re:Why link to junk? by wvmarle · · Score: 2

      What "autoplay videos" are you talking about? Other than that there is no left margin to the text, the page as a whole was good to read.

    3. Re:Why link to junk? by ozmanjusri · · Score: 4, Funny

      Your computer is broken.

      It's not my computer, it's a work one, but yeah, you're right, it's running Windows and IE.

      --
      "I've got more toys than Teruhisa Kitahara."
  3. A "bitcoin wallet" by centipedes.in.my.vag · · Score: 4, Funny

    Captain Pedantic here,

    A "bitcoin wallet" has $0 USD in it, by definition.

    Excelsior!

    --
    Only on /. can I lose karma with 2x "5, Funny" posts.
    1. Re:A "bitcoin wallet" by wvmarle · · Score: 3, Interesting

      Another thing about bitcoin: they are trackable. Hard to track, but as I understand it's possible, as every single transaction is logged by the network, and that it is possible to track down the whereabouts of every single bitcoin at every moment in the past since it was mined.

      They received some 3,000 bitcoins in donations back in the day, can't those bitcoins be traced to a certain wallet? And - related - can they (or the wallet itself) be anyhow confiscated?

      Now I'm the first to admit I still don't really understand the intricacies of bitcoin - my understanding is mostly from reading about it here and on other sites. So I may be totally off, if anyone knows better I'd love to hear.

    2. Re:A "bitcoin wallet" by HungryHobo · · Score: 2

      You can't confiscate them but you can track them if you know the history of some of the bitcoins in their possession. Problem is that there's nothing stopping someone from passing those bitcoins through a thousand anonymous parties connecting over Tor then trading them with others for other bitcoins before cashing them out or exchanging them for something.

    3. Re:A "bitcoin wallet" by ledow · · Score: 5, Informative

      You've obviously not used Bitcoin a lot.

      You can have as many wallets as you like and a wallet can generate as many "addresses" as you want to receive money on. Outsiders have no idea that two distinct Bitcoin destinations aren't in fact the same wallet.

      Additionally, only the network as a whole really knows where the transactions are coming from, an individual Bitcoin user doesn't (otherwise it would be pointless!). It's peer-to-peer so somewhere, some peer knows what IP generated that transaction. But without having control of a vast proportion of the whole network, down to the IP level, there's no way to reliably trace anything back to a "real" IP, person, wallet.

      Transactions are logged. But with wallet addresses. And you can tell what wallet addresses should have how much money in each. But you can't tell which wallet addresses are the same address, nor where they come from, nor who owns them. A transaction will just appear in the blockchain and come from several thousand peers almost simultaneously who share the information across the network and even the first one on the list isn't necessarily the client who first saw the transaction.

      And those clients are private peer-to-peer clients. If my client was the first to see your transaction, you'd have to raid ME to get the IP information from my systems - and what are the chances of a random Bitcoin user having full network traces of all the actions on their network, going back to the transaction you're interested in, by the time you find them?

      Transactions are basically sent to random people in the swarm. They talk to more random people and eventually the network all sees the transaction. Finding out which Bitcoin address first saw the transaction is nigh-on impossible even with complete knowledge. Raiding them and finding information on their systems that links back that transaction to an originating IP is incredibly unlikely even if you could do that. And if they used Tor or a proxy to initiate the transaction? You're stuffed.

      Even collection of funds? They can publish any number of Bitcoin wallet addresses that secretly correspond to a single wallet and anyone who sends them money will NEVER KNOW where it's going. The transaction goes into the swarm and after a while, all clients agreed that wallet address X has amount Y in it. The total wallet, though, might have several million addresses associated with it and even the last client on the route to informing that wallet of a received transaction won't ever know that it's talking to the wallet holder.

      No matter what you think of it as a currency, Bitcoin is a fabulously-designed anonymous transaction protocol. About the only threat is one entity holding 50% of the hashing power, but that just gives them the power to control the block chain, not identify users.

    4. Re:A "bitcoin wallet" by pantaril · · Score: 2

      They received some 3,000 bitcoins in donations back in the day, can't those bitcoins be traced to a certain wallet?

      You can trace bitcoins to a certain wallet easily by inspecting the blockchain (public log of all bitcoin transactions). The problem is, you usually can't find to whom the wallet belongs. If the bitcoins were sent through some kind of mixing/anonymising service which doesn't keep track of real-world identities of its users, you are usually out of luck.

      And - related - can they (or the wallet itself) be anyhow confiscated?

      The wallet can be confiscated (or bitcoins could be transferred out of it) if you know the private keys stored in the wallet. This is very hard unless you have physical access to the wallet and the wallet is unencrypted.

    5. Re:A "bitcoin wallet" by PopeRatzo · · Score: 4, Funny

      As a matter of fact I never directly used Bitcoin.

      Because you're not goofy.

      Personally, I do all of my transactions in Darknet Credits, which is the new monetary system based on reputation and righteous deeds. I can't actually buy anything, but I'm in on the ground floor.

      --
      You are welcome on my lawn.
  4. Wow by MichaelSmith · · Score: 4, Insightful

    Given the general leakiness of the Lulzsec "organisation", this person has done well to remain unidentified.

  5. Clever guy by wvmarle · · Score: 4, Interesting

    Clever guy, he should add this to his resume, should get him far in security firms. He obviously knows very well how the Internet works. Just don't apply to a job at the FBI.

    Pity the article is so short on details. How did he do it? Using Tor all the time or so? At least he's using Twitter apparently - and Twitter logs IP addresses. So must be doing something about that.

    1. Re:Clever guy by king+neckbeard · · Score: 4, Funny

      Probably the tried and true method of 7 proxies

      --
      This is my signature. There are many like it, but this one is mine.
    2. Re:Clever guy by MichaelSmith · · Score: 5, Insightful

      Yeah and not bragging about his achievements.

    3. Re:Clever guy by Bobakitoo · · Score: 5, Insightful

      So must be doing something about that.

      Maybe he is fictive? Number three pigs '1', '2', and '4'. And laugh your ass off as the police search pig number 3 for months if not years.

      Multiple aliases are better to remain anonymous. When the author is found, there is no way to know if all his aliases are discovered. Undiscovered aliases could be confused as another person. Even if someone confesses there is a sixth person it could be misinformation or plain ignorance.

    4. Re:Clever guy by MrMickS · · Score: 2

      Someone in it for the Lulz

      --
      You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
    5. Re:Clever guy by jamesh · · Score: 4, Funny

      Probably the tried and true method of 7 proxies

      The FBI has just cracked 7 proxies. You have to use 8 now.

    6. Re:Clever guy by ledow · · Score: 2

      There's any number of ways, it's just a matter of how careful you are.

      Control a botnet, use that, make sure the botnet can't be traced back to you.

      Use public wifi in random locations at random times. Pretty damn easy to do even if you're broadcasting a static MAC - those sorts of places rarely have proper logs.

      Use tor, proxies, intermediaries (shell servers bought with Bitcoin etc. would be hard to trace, etc.). There are any number of ways.

      But the important thing is to be careful and watch the trail that you're leaving. Anyone with half-an-IT-brain should be able to do that, if they really want to. The fact that others are caught, whenever you hear the story, is normally down to some boasting or weak link in the chain where they got sloppy.

      It's not like criminal forensics at a crime scene where it's almost impossible to cover your tracks. You are in control of every packet you send from every location and what it contains and what information that can be linked to. It's just a question of knowing that and not getting cocky / sloppy.

      That said, it's still quite impressive that (if they exist) this person has managed to do so for this long.

    7. Re:Clever guy by lightknight · · Score: 2

      But, but...criminals like to brag! And return to the scene of their crimes! And leave really cryptic riddles that give clues to where they will strike next / who they really are!

      --
      I am John Hurt.
    8. Re:Clever guy by wvmarle · · Score: 2

      If I were to engage in such hacking activity, I'd not use my home/office ISP. Always use some open WiFi, an Internet cafe, Starbucks, whatever.

      Maybe even an anonymous prepaid SIM (paid in cash, tethering through a phone bought second hand in cash). And after the SIM is empty/expires, buy a new one and trade in the phone for another one. And again do not use the phone at home, but always on the move, sitting in some random park, etc.

      That should take care of the direct-connecting-it-to-a-person part. But in case of AVunit they don't even know which country he is from. Not even the continent. And that's pretty impressive. At least a layer of TOR and maybe more in between him and the outside world.

    9. Re:Clever guy by Legion303 · · Score: 4, Funny

      Why do you think it appears to give intelligent reactions?

    10. Re:Clever guy by cold+fjord · · Score: 2

      He probably did do some bragging, just securely, by proxy. "Ha! My friend is 31337 u n00b!! Ur gona get pwn3d!!"

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
  6. I blame Firefox, Chrome, Safari, and (probably) IE by backslashdot · · Score: 4, Interesting

    Why can't browsers tell me which tab or window (let alone frame etc) is playing sound and also offer a way to disable it? It's cause their customers are doing it. Oh well, I woulda expected better from Firefox.

  7. Tough crowd by maroberts · · Score: 2, Funny

    How can the first post be redundant?
    Moderation is going downhill nowadays...

    --

    Donte Alistair Anderson Roberts - hi son!
    Karma: Chameleon

    1. Re:Tough crowd by SharpFang · · Score: 5, Funny

      Apparently everyone knows maroberts is Avunit already.

      --
      45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  8. This is a nerd site, right? by Bearhouse · · Score: 4, Informative

    As usual, be warned of the horrendous autoplaying video ads surrounding good content at the primary link.

    Not a problem if you're running adblockers, noscript etc.

    I opt IN for ads on the sites I wish to support, and which I believe to be safe.

    1. Re:This is a nerd site, right? by wvmarle · · Score: 5, Insightful

      Support, agree.

      Safe, not. The site does not bring the ads themselves, some external ad broker does this. And with many well known ad companies compromised, no matter how well you trust the site and its webmaster, I doubt there is any ad network that can really be trusted.

  9. Re:I blame Firefox, Chrome, Safari, and (probably) by espamo · · Score: 3, Informative

    This feature is already in the latest Canary build of Google Chrome.

  10. Wait for the Trackability law by Anonymous Coward · · Score: 4, Informative

    Well we used to have banking privacy. Banks knew who had the account, but your transactions were secret unless there was evidence of a crime in which case the bank could be forced to hand over the details.

    Then as an anti-laundering measure, the data was given to SWIFT, and recorded by them, but that was OK because SWIFT was owned by the banks and would only turn over the data if evidence of a crime existed as they were under Belgian law.

    Then the USA grabbed all of SWIFT's data post 9/11 deciding they should see every transaction made in the world.

    Then the EU Commission *gave* them the right to receive all EU future data, after SWIFT moved their headquarters and servers from USA to Switzerland. So now the EU obtains the data from SWIFT and sends it to the USA.

    Then the USA extracted some data related to tax havens, like British Virgin Islands and handed that to the press and gave all the rest of that data to UK and Australia. At the same time using the press stories to market the 'tax evasion' angle, and override the fact that a lot of privacy laws were broken when they handed private banking data to their allies.

    http://www.bbc.co.uk/news/world-europe-22599324#sa-ns_mchannel=rss&ns_source=PublicRSS20-sa

    So watch Bitcoin, because they'll declare Bitcoin trackable, and require forced declaration of all transactions to the USA. If you imagine they won't, take a look at SWIFT, if I send money from Belgium to Germany, the record is taken and handed to the USA, and that's despite the privacy law in the EU, and the criminal privacy law in Belgium and the financial privacy law in Germany.

    At some point we all became criminals here in Europe, and the EU Commission decided it had the right to waive privacy, and we see 'leaks' of data on 'certain' politicians, but not others, as the USA gets to pick and choose who can be a politician by leaking their banking data to their allies.

  11. Your data too by Anonymous Coward · · Score: 2, Insightful

    The data leaked to the press was a tiny file of a few gigs, 1%'er stuff about tax havens. The data given to the UK, Australia and USA FBI/IRS, was hundreds/thousands of times bigger and 100%'er stuff.

    Your data too.

    "I feel here is schadenfreude."
    You wish.

  12. Re:He's still on the loose! OMG! by TechyImmigrant · · Score: 2

    Maybe he's the mole.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.