Please Support SilentVector:

Friday, July 17, 2015

One Hacker Walks, Another Falls - An Odd Timeline of Events

Thanks For the Story, Fox

While sifting through the coverage of the DarKode website take-down on July 15, none of the articles caught my eye except one from Fox News.  I am not particularly a fan of Fox, but two paragraphs caught my attention:

"Some of the targets were responsible for hacking into Sony's PlayStation Network and Microsoft's Xbox Live services last year around Christmas, authorities said.

British authorities in January arrested an 18-year-old man for computer hacking offenses related to the disruptions but hadn't released his name. The South East Organized Crime Unit said then it had worked with the FBI."(1)

I ignored the rest of Fox's article because it was the same drivel everyone else was posting on their news sites.  The only high profile hack involving Xbox and PlayStation I could remember from around that time involved the Lizard Squad.  It seems Fox might have been on to something if they would have followed their leads a little deeper.

KMS and #freeKMS

After a bit of looking around Lizard Squad's Twitter, I found the following Tweet:

Rory Stephen Guidry a.k.a "KMS" has a court hearing scheduled for Friday July 17 at 10:00 am at the United States District Court, Western District in Louisiana(2).  A report on The Daily Dot(3) alleges Mr. Guidry was acting as an informant for the FBI.  The #freeKMS hashtag on Twitter is another interesting source of information and will most likely continue to be after KMS' hearing.

An Odd Timeline of Events

There have been a series of interesting computer security events in the past four years:

- In the summer of 2011, hacktivist blackhat Hector Monsegur (known as Sabu) became an informant for the FBI.

- Computer hacker Jeremy Hammond was arrested on March 5, 2012 for allegations of hacking the Stratfor security firm.
- Journalist Barrett Brown confirmed one of his arrests via Twitter on March 6, 2012.  Mr. Brown was arrested again on September 24, 2012 for allegedly threatening an FBI agent.  He was held in pre-trial confinement until he was indicted on additional charges relating to Jeremy Hammond's Stratfor case.

- In April 2012, NSA security contractor Edward Snowden uncovers Project PRISM.  Further "Snowden Leaks" show the unconstitutional surveillance by the United States of its own citizens, as well as foreign governments and persons of interest around the world.  Mr. Snowden remains in Russia under asylum.

- Ross Ulbricht was arrested in early October 2013 for his alleged administration of the DarkNet market Silk Road under the alias "Dread Pirate Roberts."

Jeremy Hammond was convicted in November 2013 for hacking Stratfor.

- Lizard Squad conducts DDoS attacks against Sony PlayStation in 2014, Tweets a bomb scare, and forces an American Airlines flight to make an emergency landing.  The flight was carrying Sony Online Entertainment President, John Smedley.
- On November 24, 2014 a hacking spree begins against Sony and ends up costing the company approximately $100 million in damages.  The attack was supposedly carried out by North Korea in retaliation for the production of the comedy film, The Interview.  There are conflicting reports, but the attack is said to have "ended" on December 24, 2014.

- Lizard Squad begins a DDoS attack against Sony PlayStation and Microsoft Xbox networks in December 2014.  After a slight reprieve after Christmas 2014, attacks picked back up again in January 2015.

- In January 2015, British authorities "arrest an 18-year-old man for computer hacking offenses related to the disruptions but hadn't released his name. The South East Organized Crime Unit said then it had worked with the FBI."(see 1)

- Ross Ulbricht's trial begins on January 12, 2015 and comes to be known as the "Silk Road Trial."

- Barrett Brown is convicted on January 22, 2015.

- Ross Ulbricht is convicted on February 4, 2015.

- In June 2015, the information of 4 million United States federal employees is stolen from the servers of the Office of Personnel Management (OPM).

- Italian-based security firm "Hacking Team" is breached on July 5, 2015.  400 gigabytes of emails and company information is posted to the website WikiLeaks.

- On July 8, 2015 unnamed Lizard Squad member walks free after being convicted of 50,700 counts of computer crime.  The same day, the New York Stock Exchange (NYSE) is knocked offline for nearly four hours, the Wall Street Journal is taken offline, and United Airlines flights are grounded because of a "computer glitch."  Authorities claim the attacks are not connected.  The White House reports there is no suspected "nefarious actor" involved in the NYSE blackout, even though a popular Anonymous account on Twitter seemingly "predicted" the outage the evening before.

- Nearly 22 million more federal employee records are stolen from the OPM's servers on July 9, 2015.

- On July 15, 2015 the malware marketplace DarKode is taken offline.  The United States Justice Department cites 12 charges in relation to the site, 28 arrests are reported by Europol in a coordinated effort the FBI has called "Operation Shrouded Horizon."

- KMR's pre-trial hearing is scheduled for July 17, 2015.  KMR allegedly used to have ties with the Lizard Squad.

"Shrouded Connections"

It seems many of the events listed overlap one another at opportunistic times to draw media and therefore, public attention away from high-profile anomalies and the actions leading up to important court cases.  Many of these cases are surrounded by uncertain evidence introduced that allegedly violates American constitutional 4th Amendment rights.  There are also interesting examples of the Justice Department deciding, or not deciding, to press charges in relation to these alleged crimes.

Unexpectedly, Lizard Squad also announced on July 16 that it would no longer keep a record of any of its main Twitter accounts tweets for longer than one week.

As these and similar stories unfold, electronic and computer laws will continue to be a matter of concern among journalists and activists.  Voices of protest and dissent are important for the accountability of governments and the continuation of democracy and its processes.

DarKode Continuation

DarKode was an invitation-only website, where potential members were nominated by existing members.  A list of electronic exploits and accesses were listed by potential members after their nomination as a form of resume.  Existing members would vote potential members into the group.

DarKode's wares included bot-net rentals, computer code, malware, and access to databases of sensitive information.

Among those charged in connection with Operation Shrouded Horizon was Synthet!c, also known as Johan Anders Gudmunds of Sollebrunn, Sweden.  Synthet!c was allegedly DarKode's administrator.


(1) Fox News, July 15, 2015 (

(2) KMS' detention hearing scheduled for Friday, 17 July at 10:00 AM at the United States District Court, Western District, Louisiana. #FreeKMS
(3) The Daily Dot, July 16, 2015 (

Original FBI press release on Twitter:

No comments:

Post a Comment