Halethorpe Man Spills Secrets of International Cybercrime Takedown

"I do whatever I feel is right," says the "gray hat" hacker, of leaks made in LulzSec case.

He is slender, with steel-gray eyes and close-cropped light brown hair. He looks even younger than his 22 years, belying his experience in the world of high-stakes cybercrime.

Mike Major, Jr., of Halethorpe calls himself a “gray hat” hacker–neither clearly a good guy nor a bad guy, but one who navigates the virtual realm of cybercrime guided by his own internal sense of justice.

“I do whatever I feel is right at the time,” he said.

Major said he has no regrets–or fear of reprisals–for his role in disrupting the international hacking group Lulz Security, or LulzSec, which claims responsibility for attacks on several high-profile government and corporate web sites.

Known online as “Hann,” Major said he and a friend known as “m_nerva” leaked chat room transcripts of cybercrime discussions that led to the June 20 arrest of 19-year-old Ryan Cleary of Essex, U.K., and the seizure of web servers in a Federal Bureau of Investigation raid on a Virginia Internet provider.

Hann and m_nerva, members of a hacking group called Team Poison, released personal identifying information on the half-dozen core members of LulzSec, including real names and addresses, phone numbers and IP addresses that allowed law enforcement agencies to trace their activities over the internet, Major said.

“We have their family relationships, workplace information, everything,” said Major, who spoke publicly of his role for the first time, with the condition that his face not be shown.

He said most of the half-dozen core LulzSec members are in custody or on the run. One raid was made Thursday by the FBI on the home of an Ohio man, according to the Wall Street Journal.

Declaring War on Governments, Corporations
An offshoot of the notorious hacking group Anonymous, LulzSec rose to prominence in May, taking credit for attacks on several media and online gaming sites.

In May, LulzSec took responsibility for attacks on Fox.com, reportedly because the rapper Common was called "vile" on the Fox News Channel. The group claims on its web site to have stolen passwords and the names of 73,000 X Factor contestants.

On May 29, LulzSec claimed to have been the perpetrators of a hacking of the Public Broadcasting Corporation site with a story supposedly by PBS reporting that Tupac Shakur is still alive in New Zealand.

In early June, LulzSec said it hacked Sony, stealing valuable source code and private account information on thousands of users, and Nintendo.com.

The hackers claim they hack for the “lulz”–for fun–and also to point out security vulnerabilities in networked systems, according to statements attributed to the group on Twitter and posted to the LulzSec web site.

Hackers tend to operate in elusive groups, and their tools, or “firepower” as Major called it, are traded or sold in secret online venues.

“The [hacking] community feels you do it for financial gain or for moral reasons,” he said.

LulzSec engaged in “hacktivism” in which cybercrime is used to make political and social statements, says Richard Forno, director of the cybersecurity graduate program at the University of Maryland Baltimore County.

In early June, LulzSec reportedly embarked on a campaign of high-profile hacks, including attacks on government sites in Brazil and the Serious Organised Crime Agency (SOCA), the U.K.'s version of the FBI.

Within the U.S., LulzSec claimed responsibility for hacking the site of an FBI affiliate and taking down the web site of the Central Intelligence Agency. On June 13, LulzSec hacked the web site of the U.S. Senate, according to news reports.

The group reportedly released a lode of confidential information about Arizona law enforcement officials, including the names of undercover agents, in a project called “Operation Chinga La Migra.”

LulzSec taunted its victims and law enforcement through Twitter and statements released on its web site. It declared cyberwar on governments and corporations via Twitter.

"They were taking it too far," Major said. "A lot of us thought so. Taking down the CIA web site for publicity is just media-whoring."

"I Have No Fear of These Kids"
Major explained that hackers congregate in online chat rooms known as internet relay chat (IRC). Typically, a hacker will use a "proxy" or a virtual connection established on a vulnerable computer found over the internet. The computer owner often has no idea that his space and bandwidth are being borrowed for illegal activity.

Using a virtual space on somebody else's computer allows a hacker to disguise his IP address. Even better, Major explains, is borrowing a computer beyond the convenient reach of law enforcement in an eastern European nation or a country like Switzerland, where laws protect private information such as IP addresses.

By the time law enforcement has the information, the digital trail has long since evaporated.

Major said that Cleary was a dupe used by LulzSec to host its IRC chats. Team Poison used Cleary to record conversations and unmask IP addresses of LulzSec members, he said.

On June 21, LulzSec posted personal information at Pastebin, a site where people can share clips of code or text, including real names, home addresses and IP addresses.

M_nerva "was involved in the hacking of the game 'Dues Ex' and was/is involved in countless other cybercrimes," LulzSec posted in a message directed at "FBI and other law enforcement clowns."

"Also, he tried to snitch on us. Therefore we just did your job for you with great ease," they said. "This moron is trying to flee the country in order to avoid serious punishment. Hunt him down."

About Major, LulzSec said, "[H]e's also wanted for some pretty heavy stuff."

Major maintains he has done nothing wrong. "I haven't broken any laws," he said. "I have nothing to worry about." He said he has not been questioned by the FBI or law enforcement.

Several members of LulzSec have been questioned or taken into custody. Others are on the lam or have merged back into Anonymous, according to Major.

On June 25, LulzSec announced that it was disbanding and ending what it called "50 Days of Lulz."

Major said he has no regrets about making waves in the hacking world. "I was more than happy to do it," he said. "I was fighting for the good guy."

He denies being worried about reprisals. "I have no fear of these kids," he said. "These guys are complete idiots. They can't touch me here or online. What are they going to do, charge down my driveway and beat me up?"

Forno said that the LulzSec episode speaks volumes about the vulnerability of the online world as people around the globe increasingly rely on digital devices and are networked in their everyday lives.

"The question is, how were they able to get in?" Forno said. "Attacks and incidents like this show how complacent we are in an internet-dependent society. It shows how much we're not doing in the way of security."

Halethorpe Improvement Association July 04, 2011 at 02:52 AM
I commend this young man for doing the right thing knowing that doing so could result in retribution. This country and the world could use some more upstanding citizens like him. A very good job done on the writing of the article also.
Sean Tully July 06, 2011 at 01:03 AM
I think the only way corporations are ever going to really take the protection of personal information seriously is if they are severely fined when someone hacks into their systems. I have absolutely no sense of security when it comes to my personal information being "out there" in cyberspace.

