Mr. Keys (Photo: Twitter)

Matthew Keys, the 26-year-old social media editor at Reuters who was indicted by the Department of Justice yesterday for collaborating with the hacktivist collective Anonymous, has been suspended from Reuters with pay. Now, reporters are working to cobble together details of his checkered online past.

BuzzFeed reports that along with building a dedicated Twitter following of over 20,000 people and creating popular Twitter parody accounts like PendingLarry, Mr. Keys established himself in the early aughts as an infamous LiveJournal troll, who went by several usernames, the most popular being "madrigalskylark." His presence on the online diary site was so well-known that it warranted its own entry on Encyclopedia Dramatica, a Wikipedia-type platform that chronicles the goings-on of 4chan and hacker culture.

Madrigalskylark's entry reads:

Obsessive LiveJournal user madrigalskylark is known for his attention whore antics, leaving phony suicide notes, passive-aggressive bitchiness, and use of the victim role to earn sympathy from naive, unsuspecting morons. Or gluttons for punishment, depending on how you look at it.

BuzzFeed also links to a fully fleshed out Wikipedia page that user edit history indicates Mr. Keys wrote about himself. The page chronicles everything from the details of his early childhood (he split time between Vacaville, CA, Germany and El Paso, TX) and his past relationships. ("In May 2006, Matthew began dating 'Jeffrey' from the Sacramento area. In early July, Matthew broke up with 'Jeffrey' after discovering 'Jeffrey' was cheating and moving to Los Angeles. Matthew is currently single.")

The entry also contains a detailed trivia section with gems such as, "In high school, Matthew was known as 'The Guy Who Likes John Mayer'" and the factoid that he previously maintained "eight LiveJournal accounts, five Xanga accounts and three Blogger accounts."

"Once again, loser gay boys with way too much time on their hands are discussing me on LiveJournal," reads one of the quotes on Mr. Keys' self-built Wikipedia page. The page also states that Mr. Keys "may have had the first ides of a social networking website on the Internet similar to MySpace."

On a post about Mr. Keys on Gizmodo, commenters chimed in to share their experiences with him. A handful claimed that when they turned Mr. Keys down for romantic relationships, he would create "defamatory (and 90% falsified) websites" or Craigslist postings about them. One commenter wrote on Gawker:

He would make life hell for people who refused to date him. He would stalk and use his tenuous grasp of early social networking to create shitty websites and Craigslist posts full of lies and material created to defame people he didn't like.

He did this to me, he kept trying to get me to go out with him. I refused. Instead of attacking me he went after one of my friends (who he thought was my Boyfriend). He posted fake profiles on dating sights, and posts on Craigslist with his image, with copy that stated that he had herpes, HIV and other diseases.

He would go online and impersonate him, furthering these lies. This got so bad that my friend left the state, his job, and all of his friends almost over night. Everywhere he went people would come up and ask him if he was "that guy form the Craigslist posts" or "the herpes dude". My friend was one of several people that Matthew did this to. Most of them were targeted because they refused to date him, still there were others that he attacked for reasons unknown to me.

Another Gawker commenter wrote that when he asked Mr. Keys to stop talking to him, "he tried to blackmail me with (what he thought were) nude pics of me. Threatened to send them to all of my coworkers, all of my Facebook friends, etc."

Despite his alleged involvement with Anonymous, Mr. Keys actively leaked information to websites like Gawker about the goings-on in hacker IRC rooms. He also used the information gleaned from his conversations with Anonymous members to inform reporting he did for Reuters.

Sabu, the LulzSec hacker turned FBI informant, tweeted about Mr. Keys back in March 2011, but the tweet flew under the press radar. The AP reports that one day after it was announced that Sabu was an FBI informant, Mr. Keys wrote a story for Reuters about how he had "infiltrated" the hacker group. It's unclear whether this is a coincidence, or if Mr. Keys believed Sabu would snitch on him and made an attempt to cover his tracks by publicly claim to have infiltrated Anonymous instead of copping to collaborating with them.

An anonymous source told Betabeat that Mr. Keys said the day before news of the indictment broke that he was worried he would be fired. Mr. Keys has since claimed on Twitter that statement was unrelated to the indictment.

The AP reports that the former KTXL Fox 40 producer, who allegedly shared login credentials with members of Anonymous so that they could deface articles on the Los Angeles Times website, is scheduled for arraignment in Sacramento on April 12th. "Reuters spokesman David Girardin said the company was 'aware' of the indictment when Keys was hired last year, but he declined further comment," wrote the AP. The story has since been altered to reflect the official Reuters statement:

“We are aware of the charges brought by the Department of Justice against Matthew Keys, an employee of our news organization. Thomson Reuters is committed to obeying the rules and regulations in every jurisdiction in which it operates. Any legal violations, or failures to comply with the company’s own strict set of principles and standards, can result in disciplinary action. We would also observe the indictment alleges the conduct occurred in December 2010; Mr. Keys joined Reuters in 2012, and while investigations continue we will have no further comment.”

Mr. Keys claimed to have found out about the indictment on Twitter. Shortly after news broke of the indictment, Mr. Keys tweeted the following:

https://twitter.com/TheMatthewKeys/status/312348676448219137

A Reuters employee told Reuters (yup) that Mr. Keys' work station was being dismantled and his security key card had been deactivated.

The Ventura, California based law firm Jay Leiderman announced on Twitter that they plan to represent Mr. Keys. "We fight the man for you," reads the firm's Twitter bio.

Update: A tipster who spoke under condition of anonymity provided Betabeat with the following screenshots from Mr. Keys' Facebook profile. Since news broke of his indictment last night, he's addressed the issue twice on his page:

The first post, published shortly after news of the indictment broke on Twitter.

The second post, shows Mr. Keys taking issue with (or making a joke about) a sentence in an AP story about him.

(Screencap: MIT.edu)

Hackers have defaced the MIT.edu website in response to the death of Internet activist Aaron Swartz, who was being prosecuted with the cooperation of M.I.T for illegally downloading JSTOR files over the university's network and uploading them for free use by the public. Mr. Swartz hung himself in his Brooklyn apartment 10 days ago, and a memorial was held for him at Cooper Union in New York on Saturday.

The MIT website has been defaced to display a black screen with the text of a blog post from Mr. Swartz's blog superimposed overtop. "R.I.P. Aaron Swartz," reads bolded white text in the middle of the site. "Hacked by grand wizard of Lulzsec, Sabu. God Bless America. Down with Anonymous." (Please also note that it says "Reddit sucks k" in the righthand corner. Lulz.)

Betabeat has been unable to confirm whether or not the hack was indeed the responsibility of the hacker crew Lulzsec, though we have to guess it wasn't done by Sabu, since the former LulzSec operative was outed as an FBI informant last year.

Upon refresh, it appears the website has been taken offline, serving the message "This website is offline. No cached version is available."

Update: Aaaaand we're back.

U mad?

LulzSec's Raynaldo Rivera has confessed to hacking Sony Pictures via SQL Injection in 2011. The hacker formerly known as "neuron," "royal" and "wildicv" will have to pay restitution and could face up to five years in prison.

With his plea, Mr. Rivera admitted to filching and publishing user info from Sony Pictures' website, collecting data such as names, birth dates, email addresses and passwords.

Mr. Rivera now knows what some still hacking in the wild may not--services that offer to hide your IP address are not foolproof.

Hackers know they have to cover their tracks. Mr. Rivera tried, but he discovered something unfortunate, which is that some proxy services will cooperate when confronted with legal action:

However, Rivera had not been careful enough in disguising his tracks - and HideMyAss co-operated with the authorities when a court order was received by the anonymising proxy service.

Sony says it incurred a $605,000 loss from the hack. Combined with fines, that means Mr. Rivera will ultimately owe Sony and the users whose information he hacked nearly a million dollars.

Hacking can indeed hurt some butt. (Screengrab)

NBC News is reporting the millions of Apple Unique Device Identifiers (UDID) hackers say they snatched from an FBI agent's laptop actually came from Blue Toad Publishing, a Florida-based app developer. NBC reports that Blue Toad "provides private-label digital edition and app-building services to 6,000 different publishers, and serves 100 million page views each month."

A researcher named David Schuetz contacted Blue Toad last week with the suggestion the data actually came from them, and the company's engineers conducted a forensic analysis:

Paul DeHart, CEO of the Blue Toad publishing company, told NBC News that technicians at his firm downloaded the data released by Anonymous and compared it to the company's own database. The analysis found a 98 percent correlation between the two datasets.

Mr. DeHart told NBC that his company has "100 percent confidence" that the currently available UDIDs were in their system and likely hacked from Blue Toad servers a couple of weeks ago.

As NBC reports, Apple and the FBI have issued denials in connection with the hacker's claims regarding the data, which surfaced early last week. The FBI has denied the UDIDs were snatched from the compromised laptop of Special Agent Christopher K. Stangl and along with Apple insists it is not colluding with the feds in using the identifiers to track private citizens.

Anonymous and AntiSec, the sub-collective that released the initial 1 million numbers, have used the leaked UDIDs and their alleged connection to the FBI to shore up a contention that the government is invading our privacy and creating a dystopic surveillance state. If the numbers actually came from Blue Toad, has AntiSec resorted to what amounts to a kind of "false flag" operation to try and make a point?

At this time no Anonymous-associated Twitter account has responded to NBC's report. We will update this post if they do.

The initial response might include the question, what the heck was Blue Toad doing with all those numbers sitting in its servers in the first place?

U mad?

The Federal Bureau of Investigation has issued a statement regarding Antisec's claim of having hacked over 12 million unique Apple user IDs from an agent's laptop: the feds say that's bullshit.

AllThingsD reports the FBI states that it is "aware of published reports alleging" Agent Christopher Stangl's laptop was breached "and private data regarding Apple UDIDs was exposed."

The FBI begs to differ:

At this time there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.

As AllThingsD notes, one of Antisec's main goals was to alert the public to a "top American law enforcement agency" possibly making this list for what may very well be nefarious reasons--perhaps furthering a persistent hacktivist concern about creeping surveillance states.

The @AnonymousIRC Twitter account has already posted what appears to be a response to the FBI's denial:

Also, before you deny too much: Remember we're sitting on 3TB additional data. We have not even started. #funtimes #fff

— AnonymousIRC (@AnonymousIRC) September 4, 2012

One question still unanswered--was that really President Obama's iPad user ID? If so, the leader of the Free World may now be restoring his tablet to avoid having his Words With Friends screen name revealed.

PasteHTML states that the number of UDIDs leaked from the hack is 985,117. If you are concerned your own UDID is in that batch of data you can use this tutorial to find it.

We have contacted the Obama campaign for comment regarding this claim and will update if we receive a response.

Hacking can indeed hurt some butt. (Screengrab)

Hackers post their ideas of epic lulz on Pastebin all the time but it appears a late drop on Monday night by AntiSec, an Anonymous-affiliated group of hackers, could be pretty impressive if the claims prove true.

After the usual giddy preamble, Antisec explains in their Pastebin post how they snagged 12 million FBI-related Apple Unique Device Identifiers (UDIDs)--though at the moment they claim they've only posted 1 million:

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device,type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.

The statement goes on to slam Gawker's Adrian Chen and express support for Wikileaks, Julian Assange and Pussy Riot, the Russian punk rockers recently convicted of "hooliganism."

As far as this claim goes, it's worth the trouble to track a few things down.

• The AtomicReferenceArray vulnerability in Java--This exploit was first disclosed in January, 2012. IBM's Internet Security Systems states the flaw makes it easy for a hacker to slip into the vulnerable computer and write and implement their own files.
• The unfortunate Christopher K. Stangl is, according to his LinkedIn page, a supervisory special agent with the Federal Bureau of Investigation. He has been with the FBI since 2003 and does indeed work out of the Greater New York City area.

The post ends with further shout-outs and a non-sequitur in German, "Romney aber, sag's ihm, er kann mich im Arsche lecken!"--in English, "Romney, however, tell him he can kiss our asses!"

So on top of hacking Mr. Stangl's files and possibly compromising millions of Apple devices, the hackers are also clearly not Republicans.

An interesting addendum to this claim: Agent Christopher Stangl also appeared in this January Pastebin post of what appeared to be a hacked email to multiple law enforcement officials regarding an "Anon-Lulz International Coordination Call." The call was intended to discuss "Anonymous, Lulzsec, Antisec, and other associated splinter groups."

Groups which will apparently now be up for some intense discussion by the same officials, very soon.

(Photo: Shirley Hornstein via TechCrunch)

"It feels as if the technology innovation wars are no longer over one piece of technology or another, but over us humans." [CNN]

Exposing a Valley grifter and her horrible Photoshop skills. [Techcrunch]

Zynga's chief creative officer is leaving the company to launch his own startup. Oh pretty please can it be another Facebook game company? We need one of those. [AllThingsD]

Another Lulzsec hacker has been arrested, and we assume cops did not do so for the lulz. [BBC]

Google ruined the simple design of its homepage with a tacky ad for the Nexus 7. [New York Times]

The latest New Yorker tells the tale of one George Hotz, AKA geohot, the first person to jailbreak the iPhone and PS3. He ran afoul of Sony for the latter and found himself facing a lawsuit. That’s when Anonymous stepped in, opening an #OpSony IRC room and spitballing ideas like shitting upon the CEO’s stoop.

But the sound of Anons riding to his rescue didn’t exactly fill Mr. Hotz with unmitigated joy:

Back in his parents’ house, in front of the glowing computer screens in his cluttered bedroom, Hotz clicked with mounting apprehension through the news of Anonymous’s plans. “I hope to God Sony doesn’t think this is me,” he remembers thinking. He didn’t believe in secretive online warfare, much less in defecating on someone’s doorstep. “I’m the complete opposite of Anonymous,” he told me. “I’m George Hotz. Everything I do is aboveboard, everything I do is legit.”

First came a DDOS attack against the Sony site. Then came hacks of the PlayStation Network (Anonymous denied responsibility) and the Sony Online Entertainment network (a file titled "Anonymous" was found buried in a server). Then there was LulzSec's hack of the Sony Pictures site. By the time it was all said and done, there was quite a bit of customer information floating around the internet and people were changing their passwords accordingly.

With all due respect to the hacker collective, we can't say we're terribly surprised this effort fell somewhat short of John Wayne riding over the ridge, flags flying and bugle blaring.

(foxnews.com)

Well, there’s one thing former LulzSec ringleader Hector Xavier Monsegur, AKA Sabu, doesn’t have to worry about any more. The AP reports a judge has agreed to dismiss his impersonation case, contingent on six months of good behavior.

The impersonation charge is only indirectly related to Mr. Monsegur’s hacking. Asked for ID by a cop back in February, he allegedly told him, "Relax. I am a federal agent." That, as it turns out, was a mistake, though only a misdemeanor.

Of course, there’s also the infinitely more serious matter of Mr. Monsegur’s federal charges, which are most definitely related to his hacking. When originally busted last June, his prospects looked pretty bleak: He was facing well over a century in prison. But rolling over on the rest of LulzSec should help at least a little.

But that cooperation does have its downside. The 28-year-old hacker-turned-snitcher wasn’t at his hearing to hear the good news, and his lawyer cited safety concerns to the court. And there are plenty of people who are none too pleased with Sabu: Five of his onetime compatriots still face justice. Apparently the threats are bad enough that federal prosecutors have discussed the possibility of the witness protection program.

All in all: Sucks to be Sabu.