Image 01 Image 03

Infamous LulzSec Hackers Get Jail Time

Infamous LulzSec Hackers Get Jail Time

A British court handed down jail time Thursday to four hackers that were part of a notorious splinter group of the Anonymous hacker collective known as LulzSec.

  • Ryan Cleary, 21, aka “ViraL,” received 32 months.  Cleary will also receive a separate sentence in connection with a charge of possession of images showing child abuse, to which he pleaded guilty.
  • Jake Davis, 20, aka “Topiary,” received two years
  • Ryan Ackroyd, 26, aka “Kayla,” received 30 months
  • Mustafa Al-Bassam, 18, aka “tFlow,” was given 20-months, though his sentence was suspended for two years.  Bassam was still in school when the attacks were carried out, likely a consideration in the Judge’s decision to suspend Bassam’s sentence.

Ryan Ackroyd became well known during his hacking exploits for posing as a 16-year old girl named “Kayla,” whose cover fooled even many media outlets.  Some though, like Forbes’ Parmy Olson and author of “We Are Anonymous,” seemed suspicious, and reported the story of Kayla “as Kayla want[ed] you to think.”

Among other activities, “Kayla” was infamous for her (his) alleged role in the HB Gary hack, previously outlined in an earlier separate US indictment.  Much of that episode – which read more like a fascinating fictional crime story – involved more social engineering prowess than merely just hacking skills.

During the British trial, Ackroyd had admitted to stealing data from Sony, and hacking Nintendo and the Arizona State Police.  He also admitted to hacking News Corp.  (Some may remember in 2011, the Sun newspaper’s website redirecting to a fake story claiming that News Corp’s chairman Rupert Murdoch had been found dead in his home of a suicide).

Cleary acknowledged his involvement in attacks on the CIA and US Air Force computers at the Pentagon, among others.

Jake Davis and Mustafa Al-Bassam had pleaded guilty to launching attacks against the CIA, News International, 20th Century Fox, Sony Pictures Entertainment and the Serious Organized Crime Agency (SOCA) and National Health Service (NHS) in Britain.

As RT noted, some of the attacks involved exposing private data.

In many of the attacks, the gang of “modern day pirates” stole troves of personal information, including passwords, emails and credit card details, which they later posted on the LulzSec website and file-sharing sites. The FBI, News International, Nintendo and Sony were among many of the other high-profile targets the group targeted in their spree. They also carried out distributed denial of service (DDoS) attacks on many victims’ websites, causing them to crash.

Some of those actions ultimately caused harm to companies and individuals, according to prosecutors from the case.  The BBC quoted one prosecutor:

The actions of the group were “cowardly and vindictive”, said Andrew Hadik, a lawyer for the Crown Prosecution Service.

“The harm they caused was foreseeable, extensive and intended,” he said. “Indeed, they boasted of how clever they were with a complete disregard for the impact their actions had on real people’s lives.

“This case should serve as a warning to other cybercriminals that they are not invincible,” he said.

While these were crimes prosecuted in Britain as the result of joint investigative activities between British and US law enforcement personnel, they were actually not the only crimes for which some of the accused hackers had originally been indicted. As Information Week previously reported:

All had been arrested in the course of a trans-Atlantic investigation conducted by the FBI and Scotland Yard into the hacktivist groups LulzSec and Anonymous. A separate U.S. indictment had charged Ackroyd and Davis with having participated in attacks against the Atlanta chapter of Infragard, Nintendo, the Public Broadcasting Service (PBS) and Westboro Baptist church.

Prosecutors said Ackroyd was the brains and botnet aficionado behind the LulzSec operations. Notably, Ackroyd’s botnet, which tapped infected — or zombie — PCs, was used to launch distributed denial-of-service (DDoS) attacks against many of the targets.

The LulzSec splinter group was largely disrupted after it was revealed in an unsealed indictment in the US that one if its core members, Hector Xavier Monsegur aka “Sabu,” was previously arrested and had been secretly cooperating with the FBI to help infiltrate and disrupt the group.  Sabu’s cooperation is believed to have exposed many of the other LulzSec members’ activities and resulted in some of the subsequent indictments.

Monsegur still awaits his sentencing, which has already been extended on two occasions for six months at a time.


You can download the original US indictment for Ryan Ackroyd and Jake Davis here.

You can download the original US indictment for Ryan Cleary indictment here.


Donations tax deductible
to the full extent allowed by law.


Lulz @ LulzSec

no honor among hackers… one of them turned whistle blower on the others for a plea deal.

Let that sink in.

Anyone who attacks the Westboro Baptist Church can’t be all bad.

[…] From LegalInsurrection here: […]