The New York Times has obtained copies of some unredacted court documents and has conducted interviews with people involved in the attacks coordinated by the US government through Sabu.
Monsegur was arrested in mid-2011. Ever since, he has worked with authorities on identifying hacktivists and conducting cyber operations against various targets. Court documents show that Sabu was “proactively” cooperating with the government, working “around the clock with federal agents.”
The man’s sentencing has been delayed several times, which indicates the fact that the government still needs his services. His current location is unknown.
During the time other hacktivists were not aware of the fact that Sabu was working with the FBI, the informant had provided Jeremy Hammond, another famous hacker, a list of over 2,000 domains that they were supposed to attack.
The list included government sites in Nigeria, Iran, Pakistan, Brazil and Turkey. Several high-profile websites from Syria, including ones connected to President Bashar Al-Assad, were also targeted.
Hammond, who was sentenced to 10 years in prison last year, was also instructed to hack into the systems of private intelligence company Stratfor.
Hammond has told The New York Times that Monsegur knew of a Plesk zero-day that could have been exploited to gain access to the backends of thousands of sites.
Gabriella Coleman, a professor at McGill University who’s currently writing a book about the Anonymous movement, has told the publication that court documents suggest that the FBI might be using hackers to obtain information that’s later passed on to other US spy agencies.
Chat logs between Hammond and Monsegur show that Monsegur provided Hammond with lists of foreign websites that he had to hack. Once the sites were hacked, sensitive information was extracted and uploaded to servers designated by Monsegur.
It’s difficult to say what exactly Sabu is assisting the US government with these days. He could be helping authorities in identifying members of the few hacktivist groups that still pose a threat.
It’s worth noting that many hacktivists are extra cautious about who they work with after the world learned that Sabu was the one who ratted out members of LulzSec. They’re aware that these days, anyone could be an undercover agent.
On the other hand, Monsegur could also be helping them in breaching the systems of foreign governments to make the NSA’s job easier.