FBI: “Garda Blunder” Led To LulzSec Conference Call Leak


http://www.youtube.com/watch?v=pl3spwzUZfQ

An Irish police officer’s email blunder led to the spectacular leak of a sensitive conference call between the FBI and Scotland Yard, US law enforcement said.
An indictment unsealed in a New York court alleges that a teenager linked to the Lulz Security group of hackers was able to eavesdrop on the call after an unnamed officer with Ireland’s national police force forwarded a work message to his insecure personal email account.
The email, which apparently originated from the FBI’s Timothy Lauster, invited dozens of law enforcement officers from across Europe and the United States to coordinate their efforts against LulzSec and its amorphous umbrella group, Anonymous.
The FBI’s indictment said that 18-year-old [first year Trinity College student] Donncha O’Cearbhaill (above) intercepted the email and used the information in it to access and secretly record the Jan. 17 call, which hackers subsequently broadcast (video above) across the Internet.

FBI: Irish Misstep Led to Conference Call Leak (Associated Press)

How The Leak Happened:

At some point in December 2011 or January 2012, two Garda officers had their personal Gmail accounts compromised by a hacker. No big deal from a security perspective—except that one of the officers “routinely sent e-mail messages from an official Garda e-mail account to one of the Compromised Gmail Accounts,” according to the FBI warrant.

The hacker monitored the Gmail account for weeks. During the month of January alone, Google’s records show that he accessed the compromised accounts 146 times through a VPN called Perfect Privacy. At some point, he saw an e-mailed invitation for a conference call related to Anonymous, and he pounced.

Using the name “anonsacco,” the hacker then entered a private Anonymous IRC chatroom called “#sunnydays” and spoke to the government source tagged only as “CW” in the FBI affidavit today. (CW appears to have been “Sabu,” a notorious Anonymous/LulzSec hacker who had in fact been arrested in June 2011 and then turned into an FBI informant.)

Anonsacco opened the dialogue with CW by saying, “Hi mate. Could I ask you for help? I need to intercept the conference call which would be a very good leak. I have acquired info about the time, phone number, and pin number for the conference call. I just don’t have a good VOIP setup for actually calling in to record it… If you could help me, I am happy to leak the call to you solely. I guarantee it will be of interest!!!”

On January 17, using login details in the e-mail, anonsacco joined and recorded the conference call.

On January 28, anonsacco was back in IRC with an offer to share the recording he had made. “I think we need to hype it up,” he wrote. “Let the feds think we’ve been recording the calls. They will be paranoid that none of their communications methods are safe or secure from Anon.” (The Twitter account “AnonymousIRC” took the advice to heart, tweeting, “The #FBI might be curious how we’re able to continuously read their internal comms for some time now. #OpInfiltration”)

Anonsacco then used an online file-sharing service to send a copy of the recording to CW. It was later uploaded to YouTube by someone else, where it was viewable by the public.

Perhaps the most surprising revelation in the affidavit is that anonsacco/palladium had a history with the police. He had actually been picked up by the Garda on September 1, 2011 in conjunction with another hack. (He later told CW that he had been “v&” or “vanned” by the police, and he expressed surprise that the police showed him detailed transcripts of his conversations.) He was released after his arrest, however, and promptly went back out and infiltrated Garda e-mail accounts. On January 9, 2012, he even boasted to CW that he had “just got into the iCloud [account] for the head of a national police cyber crime unit. I have all his contacts and can track his location 24/7.”

FBI names, Arrests Anon who Infiltrated Its Secret Conference Call (Arstechnica)

If extradited, O’Cearbhaill, a socialist activist whose father is independent Offaly county councillor John Carroll, faces a potential ten years in US prison for the first, “computer conspiracy” charge and five years for the “unlawfully intercepted wire communication” charge. The potential penalty in the Irish jurisdiction for cyber crimes is unclear.

Attempts to contact O’Cearbhaill, who is Head of Research at digital marketing company Emarkable, proved unsuccessful. A family member informed the University Times that he remains in Garda custody in Terenure and his computer and phone have been seized. Trinity College Communications Office had “no comment to make” on the matter. The University Times understands that O’Cearbhaill was arrested near to his Halls home [yesterday] morning.

Trinity Student Arrested in FBI Hacking Probe (Rónán Burtenshaw, University Times)