He's the man who helped hack Sony Pictures Entertainment last year, costing that corporation $600,000 in damages and driving down its share price. He's Cody Kretsinger, aged 23, a student at the University of Advanced Technology in Tempe, Ariz. He was set to graduate last fall, when he was arrested by the FBI.
Last week, he pleaded guilty to participating in the SQL injection exploit against Sony Pictures, which followed a series of attacks on the same company's Play Station Network. Operating under the handle "Recursion," Kretsinger was part of the LulzSec crew, which also included "Topiary" and "Sabu." The attack was described as exposing "a million users' personal data, 3.5 million digital and 75,000 music codes."
Last summer, it seemed to be all about the "lulz" ("laugh-out-loudz") as the merry LulzSec crew not only busted the defenses of high-profile enterprises and institutions -- including www.senate.gov, www.cia.gov, the Website of FBI-affiliate Infraguard, gaming sites, and a popular pornography site -- but crowed about their deeds on their now long-silent Twitter feed, The Lulz Boat. They even ran a jaunty, piratical Website (now closed).
Despite the damage, the LulzSec team could be funny. They also claimed to be hacktivists, pursuing their attacks, not for criminal purposes, but to advance causes like their support for Wikileaks and accused military secrets leaker Bradley Manning. To many young geeks and discontents, the LulzSec gang must have seemed, well, kind of cool.
Now, of course, we can match faces -- and lives -- to those handles. "Sabu" turned out to be Hector Xavier Monsegur, 28 years old, unemployed, operating out of an apartment on Manhattan's Lower East Side. We now know that, following his arrest, he immediately turned informer, helping law enforcement agencies monitor and seize fellow members of the hacking underground.
"Topiary" was identified as Jake Davis, an 18-year-old based on one of the UK's remote Shetland Islands, the tiny isle of Yell: population, 957; main industries, fishing, farming, and peat cutting.
We've also had a close-up view of Kretsinger. He was a model student who, according to the University's Website, hoped to end up working on network security at the Department of Defense or NSA.
Those career paths are likely closed to him. More seriously, he faces paying a high price for the "lulz" -- up to 15 years in federal prison. Pleading guilty, he told the judge: "I joined LulzSec, your honor, at which point we gained access to the Sony Pictures website."
Hacktivism isn't over, but here ends LulzSec, with something of a whimper -- and a powerful message to young geeks everywhere that hackers can be caught and punished. Kretsinger faces jail, Davis remains on bail -- with no Internet access -- and Monsegur, having signed a plea bargain, has plenty of time to enjoy his new reputation.
— Kim Davis , Community Editor, Internet Evolution