- Image 1 of 2
- Image 2 of 2
The infamous hacker known as Sabu who cooperated with the FBI for three years to take down his former associates and help authorities disrupt or mitigate cyber attacks including those targeting U.S. military, Congress and law enforcement websites was sentenced on Tuesday to time served.
Hector Monsegur aka “Sabu” appeared before Judge Loretta Preska in New York federal court where prosecutors and defense attorneys urged the court for leniency because of the hacker’s “extraordinary cooperation” with the government over the last three years. He faced 20 years in prison but received time served and one year supervised release. (Prosecutors say he served seven months at a New York federal prison for violating parole in 2012.)
Afterward the much-postponed sentencing, a smiling Monsegur received hugs and pats on the back from prosecutors and FBI agents who had worked on his case at some point, many of whom have since moved on to other positions or have left the government.
U.S. District Chief Judge Loretta A. Preska praised Monsegur’s “extraordinary cooperation” at least a dozen times during the sentencing Tuesday morning. Judge Preska lauded Monsegur’s round-the-clock efforts assisting the government in gathering evidence to build cases against his former associates; to inform the government of planned cyber attacks; to bait other hackers into giving up details that would later be used against them.
In March 2012, FoxNews.com first reported Monsegur’s arrest and then-secret cooperation with the government, detailing the extent of his eight months working with FBI agents to bring down his fellow associates within the hacking collective known as LulzSec.
FoxNews.com also described the night in June 2011 when the FBI knocked on Sabu’s door, arrested him and then flipped him. One of those agents had a front row seat in federal court on Tuesday and was overheard after court upon multiple occasions remarking on Monsegur’s apparently new clean-cut hairdo.
Charges were unsealed against five top LulzSec hackers on two continents who learned they’d been led by a turncoat.
A Chicago hacker, Jeremy Hammond, was also arrested as a result of Sabu’s work with the FBI, who orchestrated Sabu’s communications with Hammond, providing him with servers and direction to then pass along to Hammond. Hammond was sentenced before the same New York judge in the same courtroom months ago, and is now serving time in federal prison.
Prosecutors and defense attorneys detailed other examples of Monsegur’s cooperation, thwarting at least 300 cyber attacks over the last three years.
“It was truly extraordinary,” Preska said. "We don't often hear of this.”
Monsegur, 30, showed "extreme care" for a young cousin for whom he served as a guardian even as he was subjected to personal threats so severe that the FBI relocated Monsegur and some family members, Preska said.
Prosecutors say he served seven months at a New York federal prison in 2012 for violating his probation.
Monsegur addressed the court toward the end of the sentencing, telling the judge that he had learned his lesson and has painfully watched his family suffer as a result of his actions.
"I'm not the same person as four years ago," said Monsegur, who was arrested in June 2011 and pleaded guilty two months later.
“I assure you I’m not being smooth,” he told the court. “I’m ready to move on.”
Prosecutors said he helped disrupt or prevent hacks against divisions of the U.S. government including the armed forces, Congress, courts and NASA; international intergovernmental organizations; and several private companies, including a television network, a security firm, a video game maker and an electronics conglomerate.
Prosecutors said he prevented millions of dollars in losses and also pointed out vulnerabilities in infrastructure, including at a U.S. water utility and at a foreign energy company.
In one instance, Monsegur saved the government substantial time and resources by quickly establishing that a claim by Anonymous that it had hacked the U.S. electrical grid was a hoax, prosecutors said.
Monsegur first began hacking in 1999, breaking into thousands of computers over the next four years before trying to grow a legitimate computer security firm from 2004 to 2006. By the time FBI agents arrested him in June 2011 they’d already subpoenaed information about his alleged credit card fraud activity from his Facebook account.
In 2006, he began to hack into computers for personal gain, stealing credit card information, prosecutors said.
Starting in early 2011 and using the alias Sabu, Monsegur led an Anonymous splinter group called Lulz Security, or LulzSec, which hacked the computer systems of Fox television, Nintendo, PayPal and other businesses, stole private information and then bragged about its exploits online.
After his arrest, Monsegur immediately cooperated, giving the FBI a tutorial on the inner workings and participants of LulzSec and Anonymous, prosecutors said.
While incarcerated for seven months in 2012 for violating his probation Monsegur created and taught a five-hour long computer systems class to other prisoners. A syllabus was posted online Tuesday evening in court documents filed by his attorneys.
After sentencing Monsegur, Preska praised Sabu, urging him to use his computer skills for good.
“The things you did before were not so good,” Preska said. “You obviously have great skill and to deploy that skill for good would be a very good thing. You have done as much as any human being can do in terms of helping the government to make up for your past wrongs…I salute you for that.”
“I look forward to reading about your deploying your great skills for good.”
To reach this reporter email firstname.lastname@example.org
The Associated Press contributed to this report.