Hacker who found vulnerability in web hosting software attacked several government websites, including Pakistan, Iran and Turkey.
A hacker who became an informant for the FBI directed hundreds of cyber attacks against websites of foreign governments, including Brazil, Iran, Pakistan, Syria and Turkey, The New York Times reported Thursday.
It was unclear whether the FBI explicitly ordered the digital attacks, but court documents and interviews suggest “that the government may have used hackers to gather intelligence overseas,” the Times wrote.
The figure at the center of the case is Hector Xavier Monsegur, who had become a prominent hacker with the activist group Anonymous, which has staged cyber assaults on MasterCard, PayPal and other commercial and government targets. Monsegur was arrested by the Federal Bureau of Investigation (FBI) and became an informant, helping the law enforcement agency identify other members of Anonymous.
Monsegur instructed a fellow hacker, Jeremy Hammond, to extract data from a long list of foreign government websites. And then that information—which included bank records and login details—was uploaded to a server “monitored” by the FBI, the Times reported, citing court papers.
The vast target list for hacking added up to over 2,000 Internet domains, including the Polish Embassy in Britain and the electricity ministry in Iraq, according to an uncensored court document cited by the Times.
Monsegur and Hammond had previously worked together to sabotage servers for Strafor Global Intelligence, an intelligence consultant firm based in Austin, Texas. “After Stratfor, it was pretty much out of control in terms of targets we had access to,” Hammond told the Times in an interview from a federal prison in Kentucky, where he is serving a 10-year sentence for the Stratfor attack and other hacking.
Hammond said he and Monsegur learned of a vulnerability that could be exploited in web-hosting software Plesk, which permitted backdoor access to thousands of websites.
A court sentencing statement said that Monsegur directed other hackers to pull data from Syrian government sites, including banks and various ministries, according to the Times. “The FBI took advantage of hackers who wanted to help support the Syrian people against the Assad regime, who instead unwittingly provided the U.S. government access to Syrian systems,” said the court statement quoted by the Times.
Monsegur’s location is unknown and his sentencing hearing has been delayed repeatedly, fueling speculation that he remains an informant for the U.S. government, the Times wrote. The report reinforces allegations that the U.S. government has exploited flaws in Internet security to spy on foreign targets.
The FBI was not immediately available for comment.