The $600,000 Joyride: Local hacker and former LulzSec member on why he went to prison
Published: October 30, 2013
“He said, ‘Hey man, there are groups forming, a bunch of close people I’ve known for a long time. You’ll learn a lot and I’d really like your help with this,’” says Rivera, who initially rebuffed him. “Then he was like, ‘You always ask about learning the next thing—how to get to that point where you know it—and this will do it.’”
Rivera ultimately assented and wound up speaking to the group’s leader, Sabu, aka Hector Xavier Monsegur. Anonymous is a loose, leaderless umbrella with numerous factions. As Anonymous as a whole became more interested in activism, some of the hackers and miscreants who liked the group’s former smart-ass irreverence and lighthearted, trouble-making ways began complaining. They missed their old maverick, wildcard style and beginning in April of 2011 developed their own section of Anonymous dedicated to no greater cause than their own amusement, or, in their parlance: “lulz.”
After some extensive vetting and vouching, Rivera was finally invited to the inner sanctum of their private chatroom where he talked freely with some very talented hackers. It was a heady couple weeks, before they told him it was time for him to get his hands dirty.
“Eventually when you’re idle a long time, the head honcho is like ‘you have to do something or you have to get out.’ And that’s where my involvement in Sony happened,” says Rivera, who went by the handle Neuron. “I knew what was gong to happen and, looking back, I should’ve said no … but [my] young, stupid self was more than happy to oblige.”
He continues, “I mean, I agree with a majority of Anonymous’ and LulzSec’s ideas—but at the core I was there for the knowledge. I didn’t have it, and they were considered the best at the time … They were doing a lot of crazy stuff, so I said ‘that sounds like a place to learn.’ And I did learn. Just talking to them I learned way more than I could’ve [in school].”
When the Whip Comes Down
Over the Memorial Day weekend in 2011, Kretsinger and Rivera compromised the Sony Pictures’ computers using a SQL Injection technique. This is a fairly common hacker trick that involves using security inadequacies to inject the hacker’s own code into that system. (The attack is notably distinct from the still unexplained—at least publicly—incident which brought down Sony’s Playstation Network.)
They made off with passwords and personal details of over a million users, then crowed on Twitter about how Sony shamefully failed to encrypt users’ passwords, and asked “Why do you put such faith in a company that allows itself to become open to these simple attacks?”
Though they took precautions, law enforcement ultimately subpoenaed information from UK site HideMyAss.com, a virtual private network which provides proxy servers to disguise the user’s source IP address. When the company turned over their records to the FBI, Kretsinger was a goner.
“I was there the night that Cody got raided and I talked to him after. He was freaking out. I remember thinking ‘that’s the end. They’re going to go through him to get to me,’” Rivera says of Kretsinger’s September 11 arrest. “I didn’t think they were going to actually get him to help, but he did.”