The Hunt For LulzSec's Missing Sixth Member

DavidGilbert99 writes "LulzSec's star burnt brightly in the short period it was active, but things quickly turned sour when its core members began getting arrested. Last week three of the six core members were sentenced in the UK, but this only served to highlight the fact that one member of the group, known as Avunit, has been able to remain unidentified despite the FBI having turned the group's leader Sabu into an informant. Who is Avunit? And does he hold the purse strings of the group's Bitcoin wallet which could have up to $180,000 in it?" As usual, be warned of the horrendous autoplaying video ads surrounding good content at the primary link.

I'm....

[maroberts]

Spartacus^H^H Avunit

Why link to junk?

[ozmanjusri]

If IBTimes wants to piss people off with autoplay videos, why link to them?

Here's El Reg's version of the same story:

http://www.theregister.co.uk/2013/05/17/lulzsec_analysis/

Re:Why link to junk?

[ozmanjusri]

Your computer is broken.

It's not my computer, it's a work one, but yeah, you're right, it's running Windows and IE.

A "bitcoin wallet"

[centipedes.in.my.vag]

Captain Pedantic here,

A "bitcoin wallet" has $0 USD in it, by definition.

Excelsior!

Re:A "bitcoin wallet"

[ledow]

You've obviously not used Bitcoin a lot.

You can have as many wallets as you like and a wallet can generate as many "addresses" as you want to receive money on. Outsiders have no idea that two distinct Bitcoin destinations aren't in fact the same wallet.

Additionally, only the network as a whole really knows where the transactions are coming from, an individual Bitcoin user doesn't (otherwise it would be pointless!). It's peer-to-peer so somewhere, some peer knows what IP generated that transaction. But without having control of a vast proportion of the whole network, down to the IP level, there's no way to reliably trace anything back to a "real" IP, person, wallet.

Transactions are logged. But with wallet addresses. And you can tell what wallet addresses should have how much money in each. But you can't tell which wallet addresses are the same address, nor where they come from, nor who owns them. A transaction will just appear in the blockchain and come from several thousand peers almost simultaneously who share the information across the network and even the first one on the list isn't necessarily the client who first saw the transaction.

And those clients are private peer-to-peer clients. If my client was the first to see your transaction, you'd have to raid ME to get the IP information from my systems - and what are the chances of a random Bitcoin user having full network traces of all the actions on their network, going back to the transaction you're interested in, by the time you find them?

Transactions are basically sent to random people in the swarm. They talk to more random people and eventually the network all sees the transaction. Finding out which Bitcoin address first saw the transaction is nigh-on impossible even with complete knowledge. Raiding them and finding information on their systems that links back that transaction to an originating IP is incredibly unlikely even if you could do that. And if they used Tor or a proxy to initiate the transaction? You're stuffed.

Even collection of funds? They can publish any number of Bitcoin wallet addresses that secretly correspond to a single wallet and anyone who sends them money will NEVER KNOW where it's going. The transaction goes into the swarm and after a while, all clients agreed that wallet address X has amount Y in it. The total wallet, though, might have several million addresses associated with it and even the last client on the route to informing that wallet of a received transaction won't ever know that it's talking to the wallet holder.

No matter what you think of it as a currency, Bitcoin is a fabulously-designed anonymous transaction protocol. About the only threat is one entity holding 50% of the hashing power, but that just gives them the power to control the block chain, not identify users.

Re:A "bitcoin wallet"

[PopeRatzo]

As a matter of fact I never directly used Bitcoin.

Because you're not goofy.

Personally, I do all of my transactions in Darknet Credits, which is the new monetary system based on reputation and righteous deeds. I can't actually buy anything, but I'm in on the ground floor.

Wow

[MichaelSmith]

Given the general leakyness of the Lulzsec "organisation", this person has done well to remain unidentified.

Clever guy

[wvmarle]

Clever guy, he should add this to his resume, should get him far in security firms. He obviously knows very well how the Internet works. Just don't apply to a job at the FBI.

Pity the article is so short on details. How did he do it? Using Tor all the time or so? At least he's using Twitter apparently - and Twitter logs IP addresses. So must be doing something about that.

Re:Clever guy

[king+neckbeard]

Probably the tried and true method of 7 proxies

Re:Clever guy

[MichaelSmith]

Yeah and not bragging about his achievements.

Re:Clever guy

[Bobakitoo]

So must be doing something about that.

Maybe he is fictive? Number three pigs '1', '2', and '4'. And laugh your ass off as the police search pig number 3 for months if not years.

Multiple aliases are better to remain anonymous. When the author is found, there is no way to know if all his aliases are discovered. Undiscovered aliases could be confused as a other person. Even if someone confess there is a sixth person it could be misinformation or plain ignorance.

Re:Clever guy

[jamesh]

Probably the tried and true method of 7 proxies

The FBI has just cracked 7 proxies. You have to use 8 now.

Re:Clever guy

[Legion303]

Why do you think it appears to give intelligent reactions?

I blame Firefox, Chrome, Safari, and (probably) IE

[backslashdot]

Why can't browsers tell me which tab or window (let alone frame etc) is playing sound and also offer a way to disable it? It's cause their customers are doing it. Oh well, I woulda expected better from Firefox.

This is a nerd site, right?

[Bearhouse]

As usual, be warned of the horrendous autoplaying video ads surrounding good content at the primary link.

Not a problem if you're running adblockers, noscript etc.

I opt IN for ads on the sites I wish to support, and I which I believe to be safe.

Re:This is a nerd site, right?

[wvmarle]

Support, agree.

Safe, not. The site does not bring the ads themselves, some external ad broker does this. And with many well known ad companies compromised, no matter how well you trust the site and it's webmaster, I doubt there is any ad network that can really be trusted.

Wait for the Trackability law

Well we use to have banking privacy. Banks knew who had the account, but your transactions were secret unless there was evidence of a crime in which case the bank could be forced to hand over the details.

Then as an anti-laundering measure, the data was given to SWIFT, and recorded by them, but that was OK because SWIFT was owned by the banks and would only turn over the data if evidence of a crime existed as they were under Belgian law.

Then the USA grabbed all of SWIFT's data post 9/11 deciding they should see every transaction made in the world.

Then the EU Commission *gave* them the right to receive all EU future data, after SWIFT moved their head quarters and servers from USA to Switzerland. So now the EU obtains the data from SWIFT and sends it to the USA.

Then the USA extracted some data related to tax havens, like British Virgin Islands and handed that to the press and gave all the rest of that data to UK and Australia. At the same time using the press stories to market the 'tax evasion' angle, and override the fact that a lot of privacy laws were broken when they handed private banking data to their allies.

http://www.bbc.co.uk/news/world-europe-22599324#sa-ns_mchannel=rss&ns_source=PublicRSS20-sa

So watch Bitcoin, because they'll declare Bitcoin trackable, and require forced declaration of all transactions to the USA. If you imagine they won't, take a look at SWIFT, if I send money from Belgium to Germany, the record is taken and handed to the USA, and that's despite the privacy law in the EU, and the criminal privacy law in Belgium and the financial privacy law in Germany.

At some point we all became criminals here in Europe, and the EU Commission decided it had the right to waive privacy, and we see 'leaks' of data on 'certain' politicians, but not others, as the USA gets to pick and choose who can be a politician by leaking their banking data to their allies.

Re:Tough crowd

[SharpFang]

Apparently everyone knows maroberts is Avunit already.