Over the news that is blowing everywhere from hacking world, the FBI has reportedly been working with the online collective name Lulzsec leader ‘Sabu’ in order to bring down its other member, Fox News reports. The group leader is reported to be working with the feds from number of months. Talking with Fox News, an FBI official said that it will be “devastating to the organization,” adding that they were “chopping off the head of LulzSec.” FBI arrested Sabu first in June 2011 and this is since from then he has became a cooperating witness after found guilt to 12 hacking charges on August 12, 2011. Over the time, FBI has issued a press release which names the individuals involved as Ryan Ackroyd (Kayla); Jake Davis (Topiary); Darren Martyn (Pwnsauce); Donncha O’Cearrbhail (Palladium); Hector Xavier Monsegur (Sabu), and Jeremy Hammond (Anarchos).
The FBI says it will push Sabu into cooperating after he had been noticed and identified online, but there are also weird news surrounding that suggests he will not going to completely help US feds as he was still assisting with hacking activities. Adding to this, a conversation between Sabu and a hacker associated with LulzSec, Havittaja posted on Pastebin which indicates Sabu was continuing to support the efforts by providing passwords and website data.
— Havittaja (@Havittaja) March 7, 2012
The full text from Pastebin is below:
One of the last conversations with Sabu.
WHAT REALLY SABU WAS DOING.
A QUESTÃO É porque ele estava me dando senhas se ele estava com o FBI?
THE QUESTION IS why he was giving me passwords if he was with the FBI?
censored password obvious reasons
18:51 Havittaja hey
18:51 Sabu my brother!!!
18:51 Havittaja what’s happen
18:52 Havittaja ;D
18:52 Sabu FTP:
18:52 Sabu camaraindianopolis.mg.gov.br censored
18:52 Sabu sja.go.gov.br censored
18:52 Sabu root:
18:52 Sabu http://censored/core.php
18:52 Sabu ./core “id;cat /etc/shadow” for root
18:52 Sabu gov.br in: /var/www/vhosts/
18:52 Sabu ./core “cat /etc/psa/.psa.shadow” for admin password
18:52 Havittaja ohh
18:52 Havittaja its for me ?
18:53 Sabu I showed lala/hard366 as well but I don’t think they’ll do something with the root
18:53 Sabu also
18:53 Sabu for the first 2, they’re on the same server with hundreds of .br domains
18:53 Sabu you have control of them. I can give you the xml file with all passwords
18:53 Sabu want them?
18:53 Havittaja hm sure
18:54 Havittaja so i’ll wait evilc0de
18:54 Havittaja we working together
18:54 Sabu ok
18:54 Sabu the most important is the root. php shell: http://censored/core.php
18:55 Havittaja oky
ftp: camaraindianopolis.mg.gov.br user: censored pass: censored
ftp: sja.go.gov.br user: censored pass: censored
ftp: newsletter.editoraglobo.com.br user: censored pass: censored
ftp: diretorepocanegocios.com.br user: censored pass: censored
ftp: canais.tv.br user: censored pass: censored
ftp: canal.tv.br user: censored pass: censored
ftp: acertai.com.br user: censored pass: censored
ftp: emailsender.com.br user: censored pass: censored
ftp: guapiacu.sp.gov.br suser: censored pass: censored
ftp: tabapua.sp.gov.br user: censored pass: censored