News reports say the FBI has raided a home in Hamilton, Ohio as part of an investigation of LulzSec, the group responsible for a string of attacks on prominent targets in recent months.
Local media reports said the home, located on Jackson Road in Hamilton, Ohio, was the residence of a teenager who is believed to have played a role in the hacks of U.S. and British government Web sites. Though the teen is not named, a source with knowledge of the operation told Threatpost that he believes it is the individual who used the name m_nerva – one of two LulzSec members outed by the group last week in retaliation for leaking records of online chats involving top LulzSec members.
The FBI executed the sealed warrant on a house on Jackson Road in St. Claire Township on June 27th, according to Michael Brooks, a Special Agent in the FBI’s Cincinnatti, Ohio. Brooks declined to comment on any details of the search or the content of the sealed indictment, but said no criminal charges had yet been filed in the case.
The search is just the latest in a series of law enforcement actions against members of the shadowy, anarchic group, which has been on a high profile hacking spree since April. Last week, FBI agents searched the home of an Iowa woman and questioned her about her contacts to the group. On June 20, a joint operation between the FBI and UK authorities led to the arrest in Essex, United Kingdom, of 19 year-old Ryan Cleary on June 20.
Cleary is believed to have been a high ranking member of LulzSec, a splinter group that broke off from the Anonymous hacking collective. He is believed to have operated IRC (Internet Relay Chat) servers used by the group to communicate.
In the wake of his arrest there was a split within the ranks of LulzSec, with the group’s core leadership releasing personally identifying information (or “doxing”) two associates, who used the names “m_nerva” and “hann,” according to documents posted online by LulzSec members. Those documents identified m_nerva, who also used the online handles “cimx” and “rq42” as a “Marshal Webb” from Hamilton, Ohio. A source with knowledge of the investigation confirmed for Threatpost that m_nerva was the target of the raid.
Disgruntled LulzSec members alleged that m_nerva was involved in the hack of online gaming firm Eidos Interactive in May, though reporting on that hack at the time and a chat log created during the hack and leaked to the press cast doubt on whether he really was part of the group that attacked the company, defaced its Web page and made off with information on job applicants and the company’s source code.
Once an enigma, LulzSec’s membership is now mostly a matter of public record, as a series of documents identifying its core leadership have made their way onto the public Internet. In addition to the arrest of Cleary, recent reports claim to finger a LulzSec IRC administrator who used the handle Power2all. Recent reports have put a name to LulzSec’s leader and founding member, who uses the handle “Sabu,” as well. In March, another splinter group, using the name Backtrace Security, published a document that it claimed identified the leadership of the larger group, Anonymous, including many individuals who would go on to start LulzSec.