Did The Met Nab Voice Of LulzSec In Shetlands Raid?

The Metropolitan Police Central e-Crime Unit (PCeU) has arrested an 18-year old man in the Shetland Isles suspected of being a member of the Lulz Security (LulzSec) and Anonymous hacking groups.

The man is said to have the alias Topiary which is the name of a spokesman for both groups. He has featured in several TV broadcasts and had a Twitter account that covered hacking exploits until it was cleared on July 21 leaving the single message “You cannot arrest an idea”.

Convoluted world of hackerdom

In the world of hacking nothing is real and there is already doubt being spread that the police have arrested the right man. It seems strange that Topiary should have cleared his tweets just days before he was “arrested” – it looks like he was expecting a call from the constabulary.

News site DailyTech, backed by claims from anti LulzSec hacker The Jester (th3j35t3r), is sure that the real Topiary is a Swedish hacker who laid a false trail to a “troll” – a grudge framing of a person who has upset LulzSec or Anonymous.

Last month the blog site LulzSecurityExposed, run by a group calling themselves the Web Ninjas, supposedly “doxed” (documented – real world identity and details revealed) Topiary. The group is dedicated to exposing LulzSec members. They identified Topiary as Daniel Ackerman Sandberg a 23-year old from Uppsala, Sweden, a conclusion which coincides with The Jester’s beliefs.

Just to muddy the waters even further, the Web Ninjas also doxed the leader of LulzSec, who goes by the name of Sabu, as a Portuguese network technician named Hugo Carvalho. However, this claim seems to be called into doubt and there is an ongoing dialogue between the Ninjas and Carvalho in which he is providing the group with proof that he is not involved with LulzSec at all.

The plotting thickens

The Scottish troll, if the rumours prove true, is just a fall guy. The same is said to be true of Ryan Cleary who was arrested recently in Essex.

In the hacker world, Cleary, working under the name of Chippy 1337, has been linked with the leaking of server logs stolen from Anonymous. Cleary was assisted by XYZ, a hacker known as Robert Cavenaugh who may have been arrested by the FBI. Both were members of Anonymous and on the fringe of LulzSec, DailyTech claims, and punishment was meted out when their real names and addresses were published by Anonymous – which casts a different light on the skills of the arresting authorities.

There was a third “traitor” in the log leaking incident known online as Xero but thought to be Ryan King and speculation is that the Scottish arrest may turn out to be Xero and not Topiary.

Topiary’s hedged bet

It all sounds as though the police may have been duped but there are holes in the tale. There is no evidence that Cavenaugh was arrested and it is hard to tell whether we are talking bluff or double bluff.

There is no doubt that the PCeU have laid hands on some active hackers but who they really are depends on whether anyone cracks and confesses all or if the police computer forensics team can turn up something definitively compromising.