FBI nabs alleged LulzSec member in Sony Pictures hack case
Raynaldo Rivera is accused of using a SQL injection attack against the entertainment company
IDG News Service - A 20-year-old man surrendered to FBI agents on Tuesday for his alleged hacking of Sony Pictures, one of a wave of attacks executed last year by the hacking collective LulzSec.
Raynaldo Rivera, 20, of Tempe, Arizona, was indicted by a grand jury last week on charges of conspiracy and unauthorized impairment of a protected computer, according to a news release from the FBI's Los Angeles office. If convicted, he could face a maximum of 15 years in prison.
The arrest comes shortly after a judge postponed the sentencing of LulzSec ringleader Hector Xavier Monsegur, known by his nickname "Sabu," for his continued cooperation in the investigation. Monsegur provided information to the FBI, leading to the arrests of one American man and four in the U.K. in March.
LulzSec, short for Lulz Security, is now defunct but was an offshoot of the decentralized hacking group Anonymous. In May and June 2011, several Sony Pictures websites were hacked by LulzSec, revealing the unencrypted passwords for more 1 million people. Sony staff information was obtained, along with special codes for music and information in Sony databases.
Rivera allegedly used a proxy server to hide his real IP address and used a SQL injection attack against Sony, according the indictment, which was unsealed on Tuesday. The type of attack involves the input of commands into web-based forms to see if the backend database will yield information.
Rivera, who went by the online nicknames "neuron," "royal" and "wildicv," allegedly distributed Sony's information to other LulzSec members, who publicized it on the @LulzSec Twitter account, the indictment said. Damages to Sony exceeded $5,000.
Prosecutors allege Rivera worked with Cody Kretsinger, who was indicted in Sept. 2011 for the same attacks on Sony. Kretsinger allegedly provided the coupon codes along with email addresses and passwords for an extensive data release by LulzSec on June 2, 2011.
Kretsinger pleaded guilty in April and is scheduled for sentencing on Oct. 25, according to the FBI.
Send news tips and comments to email@example.com
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts