Mr. Keys (Photo: Twitter)

Matthew Keys, the 26-year-old social media editor at Reuters who was indicted by the Department of Justice yesterday for collaborating with the hacktivist collective Anonymous, has been suspended from Reuters with pay. Now, reporters are working to cobble together details of his checkered online past.

BuzzFeed reports that along with building a dedicated Twitter following of over 20,000 people and creating popular Twitter parody accounts like PendingLarry, Mr. Keys established himself in the early aughts as an infamous LiveJournal troll, who went by several usernames, the most popular being "madrigalskylark." His presence on the online diary site was so well-known that it warranted its own entry on Encyclopedia Dramatica, a Wikipedia-type platform that chronicles the goings-on of 4chan and hacker culture.

Madrigalskylark's entry reads:

Obsessive LiveJournal user madrigalskylark is known for his attention whore antics, leaving phony suicide notes, passive-aggressive bitchiness, and use of the victim role to earn sympathy from naive, unsuspecting morons. Or gluttons for punishment, depending on how you look at it.

BuzzFeed also links to a fully fleshed out Wikipedia page that user edit history indicates Mr. Keys wrote about himself. The page chronicles everything from the details of his early childhood (he split time between Vacaville, CA, Germany and El Paso, TX) and his past relationships. ("In May 2006, Matthew began dating 'Jeffrey' from the Sacramento area. In early July, Matthew broke up with 'Jeffrey' after discovering 'Jeffrey' was cheating and moving to Los Angeles. Matthew is currently single.")

The entry also contains a detailed trivia section with gems such as, "In high school, Matthew was known as 'The Guy Who Likes John Mayer'" and the factoid that he previously maintained "eight LiveJournal accounts, five Xanga accounts and three Blogger accounts."

"Once again, loser gay boys with way too much time on their hands are discussing me on LiveJournal," reads one of the quotes on Mr. Keys' self-built Wikipedia page. The page also states that Mr. Keys "may have had the first ides of a social networking website on the Internet similar to MySpace."

On a post about Mr. Keys on Gizmodo, commenters chimed in to share their experiences with him. A handful claimed that when they turned Mr. Keys down for romantic relationships, he would create "defamatory (and 90% falsified) websites" or Craigslist postings about them. One commenter wrote on Gawker:

He would make life hell for people who refused to date him. He would stalk and use his tenuous grasp of early social networking to create shitty websites and Craigslist posts full of lies and material created to defame people he didn't like.

He did this to me, he kept trying to get me to go out with him. I refused. Instead of attacking me he went after one of my friends (who he thought was my Boyfriend). He posted fake profiles on dating sights, and posts on Craigslist with his image, with copy that stated that he had herpes, HIV and other diseases.

He would go online and impersonate him, furthering these lies. This got so bad that my friend left the state, his job, and all of his friends almost over night. Everywhere he went people would come up and ask him if he was "that guy form the Craigslist posts" or "the herpes dude". My friend was one of several people that Matthew did this to. Most of them were targeted because they refused to date him, still there were others that he attacked for reasons unknown to me.

Another Gawker commenter wrote that when he asked Mr. Keys to stop talking to him, "he tried to blackmail me with (what he thought were) nude pics of me. Threatened to send them to all of my coworkers, all of my Facebook friends, etc."

Despite his alleged involvement with Anonymous, Mr. Keys actively leaked information to websites like Gawker about the goings-on in hacker IRC rooms. He also used the information gleaned from his conversations with Anonymous members to inform reporting he did for Reuters.

Sabu, the LulzSec hacker turned FBI informant, tweeted about Mr. Keys back in March 2011, but the tweet flew under the press radar. The AP reports that one day after it was announced that Sabu was an FBI informant, Mr. Keys wrote a story for Reuters about how he had "infiltrated" the hacker group. It's unclear whether this is a coincidence, or if Mr. Keys believed Sabu would snitch on him and made an attempt to cover his tracks by publicly claim to have infiltrated Anonymous instead of copping to collaborating with them.

An anonymous source told Betabeat that Mr. Keys said the day before news of the indictment broke that he was worried he would be fired. Mr. Keys has since claimed on Twitter that statement was unrelated to the indictment.

The AP reports that the former KTXL Fox 40 producer, who allegedly shared login credentials with members of Anonymous so that they could deface articles on the Los Angeles Times website, is scheduled for arraignment in Sacramento on April 12th. "Reuters spokesman David Girardin said the company was 'aware' of the indictment when Keys was hired last year, but he declined further comment," wrote the AP. The story has since been altered to reflect the official Reuters statement:

“We are aware of the charges brought by the Department of Justice against Matthew Keys, an employee of our news organization. Thomson Reuters is committed to obeying the rules and regulations in every jurisdiction in which it operates. Any legal violations, or failures to comply with the company’s own strict set of principles and standards, can result in disciplinary action. We would also observe the indictment alleges the conduct occurred in December 2010; Mr. Keys joined Reuters in 2012, and while investigations continue we will have no further comment.”

Mr. Keys claimed to have found out about the indictment on Twitter. Shortly after news broke of the indictment, Mr. Keys tweeted the following:

https://twitter.com/TheMatthewKeys/status/312348676448219137

A Reuters employee told Reuters (yup) that Mr. Keys' work station was being dismantled and his security key card had been deactivated.

The Ventura, California based law firm Jay Leiderman announced on Twitter that they plan to represent Mr. Keys. "We fight the man for you," reads the firm's Twitter bio.

Update: A tipster who spoke under condition of anonymity provided Betabeat with the following screenshots from Mr. Keys' Facebook profile. Since news broke of his indictment last night, he's addressed the issue twice on his page:

The first post, published shortly after news of the indictment broke on Twitter.

The second post, shows Mr. Keys taking issue with (or making a joke about) a sentence in an AP story about him.

(Screencap: MIT.edu)

Hackers have defaced the MIT.edu website in response to the death of Internet activist Aaron Swartz, who was being prosecuted with the cooperation of M.I.T for illegally downloading JSTOR files over the university's network and uploading them for free use by the public. Mr. Swartz hung himself in his Brooklyn apartment 10 days ago, and a memorial was held for him at Cooper Union in New York on Saturday.

The MIT website has been defaced to display a black screen with the text of a blog post from Mr. Swartz's blog superimposed overtop. "R.I.P. Aaron Swartz," reads bolded white text in the middle of the site. "Hacked by grand wizard of Lulzsec, Sabu. God Bless America. Down with Anonymous." (Please also note that it says "Reddit sucks k" in the righthand corner. Lulz.)

Betabeat has been unable to confirm whether or not the hack was indeed the responsibility of the hacker crew Lulzsec, though we have to guess it wasn't done by Sabu, since the former LulzSec operative was outed as an FBI informant last year.

Upon refresh, it appears the website has been taken offline, serving the message "This website is offline. No cached version is available."

Update: Aaaaand we're back.

(foxnews.com)

Well, there’s one thing former LulzSec ringleader Hector Xavier Monsegur, AKA Sabu, doesn’t have to worry about any more. The AP reports a judge has agreed to dismiss his impersonation case, contingent on six months of good behavior.

The impersonation charge is only indirectly related to Mr. Monsegur’s hacking. Asked for ID by a cop back in February, he allegedly told him, "Relax. I am a federal agent." That, as it turns out, was a mistake, though only a misdemeanor.

Of course, there’s also the infinitely more serious matter of Mr. Monsegur’s federal charges, which are most definitely related to his hacking. When originally busted last June, his prospects looked pretty bleak: He was facing well over a century in prison. But rolling over on the rest of LulzSec should help at least a little.

But that cooperation does have its downside. The 28-year-old hacker-turned-snitcher wasn’t at his hearing to hear the good news, and his lawyer cited safety concerns to the court. And there are plenty of people who are none too pleased with Sabu: Five of his onetime compatriots still face justice. Apparently the threats are bad enough that federal prosecutors have discussed the possibility of the witness protection program.

All in all: Sucks to be Sabu.

“Sabu,” as his Anon cohorts knew him, used to work at Manhattan-based Open Plans, a technology non-profit focused on using open data and software to improve transportation systems. According to Gizmodo, Mr. Monsegur used his work email address (xavier@openplans.org) to register domain names, a move both patently unprofessional and kind of silly.

Luckily, this minor security slip up turned out to be our gain. We contacted two of Sabu's former coworkers at Open Plans, who agreed to fill us in on what it was like to work with the most infamous snitch on the Internet.

“He worked as a sysadmin under pseudonym Xavier for a few months before being mysteriously fired,” one former coworker confided to Betabeat. “He was really chill, but too busy to play video games with us for some reason. ;)”

Oh, coy emoticon--you tease us so. Perhaps Sabu was too busy orchestrating large-scale attacks on PBS and Sony to worry about shooting zombies with his fellow Open Planners.

But Mr. Monsegur's impressive leadership skills apparently weren't evident to his coworkers. “I'm really surprised he turned out to be so far up in LulzSec,” another former coworker told us. “He seemed pretty nondescript, and was pretty quiet most of the time. He didn't seem that sketchy.”

Was he good at his job, we wondered.

“He seemed skilled at IT and ops, but not like he was amazing, you know?” one former coworker told Betabeat via Gchat. “[Sabu] wasn't particularly fast getting things done.”

For such a crappy neighbor, Sabu talked a lot at Open Plans about growing up in Alphabet City, and the increasing gentrification of the area.

“He talked about how he lived in Alphabet City forever and seemed kinda irked that now it was becoming a magnet for higher class NYC newcomers,” said our source. “He was obviously not rich. He seemed a bit ashamed of the fact.”

Unfortunately for Mr. Monsegur, it doesn't look like he'll be returning to the Lower East Side any time soon. He currently faces up to 124 years in prison. Nothing lulzy about that.

The F.B.I. may have snagged LulzSec by turning top hacker Sabu (Hector Xavier Monsegur) but if they thought that would put paid to hacking groups looking to make their bones, they were wrong. Welcome The Consortium, and their filleting of the porn site, Digital Playground. The Consortium didn't just cull passwords and emails of site admins, affiliates and users, they also discovered Digital Playground stored the credit card numbers of some 72,000 users in plain text. However if Digital Playground had your credit card for some reason, don't worry, The Consortium claims they play fair:

These credit cards are all plaintext but we will not be releasing or using as we do this for the love of the game not for profit and these peoples only crime was wanting some porn.

We cannot justify releasing these peoples credit card info, but remember it is DP that allowed this to happen, this could have been a different group.

And perhaps they may have done far worse when given this information.

Ars Technica reports the hack has been confirmed by A.V.N., which published a statement from Digital Playground that said in part:

Due to an alleged security breach, Manwin elected to temporarily shut down Digital Playground, and related websites, on March 5, 2012.

Manwin officially took over Digital Playground and related assets on March 1, 2012, and according to allegations, the potential breach may have occurred prior to that date.

As for The Consortium, in dropping the data they couldn't resist some finger-wagging at Digital Playground's administrators--and a subset of the site's users:

We did not set out to destroy them but they made it too enticing to resist. So now our humble crew leave lulz and mayhem in our path.

We not only have the 72k users of this site but also over 40k plaintext credit cards including ccvs, names and expiry dates. [...] And of course as this is a porn site there was no shortage of .mil and .gov emails in their user list.

The Consortium also stated that this is their "first release." The 'stay tuned' was implied.

via Fox News

Now that court documents have been unsealed, new details have emerged about Hector Xavier Monsegur, better known as LulzSec leader "Sabu" whose cooperation with the FBI helped facilitate an international raid on his top deputies earlier this week. Apparently in addition to being kind of a crappy neighbor, prone to noisy wrestling and rapping at the Jacob Riis housing projects on the Lower East Side, Mr. Monsegur was also a pretty willing informant.

Authorities were particularly careful about sealing documents related to Mr. Monsegur's arrest, noting that many LulzSec members knew his real identity and that hackers monitor public court dockets (how diligent!) and "dox" suspected government informants.

But we now know that Mr. Monsegur pleaded guilty to 12 criminal charges, including "three counts of conspiracy to engage in computer hacking, computer hacking in furtherance of fraud, conspiracy to commit access device fraud, conspiracy to commit bank fraud and aggravated identity theft," reports the Wall Street Journal. For those charges, he faces up to 124 years in prison.

Considering that sentence and the fact that Mr. Monsegur is a foster parent to his two nieces, it's not hard to imagine why he would be willing to cooperate (even though it made Anonymous sad.) But in court transcripts, the authorities intimated that Sabu went above-and-beyond.

"Since literally the day he was arrested, the defendant has been cooperating with the government proactively," sometimes staying up all night engaging in conversations with co-conspirators to help the government build cases against them, Assistant U.S. Attorney James Pastore said at a secret bail hearing on Aug. 5, 2011, according to a transcript released on Thursday.

During the course of his cooperation, the feds said Mr. Monsegur received intel about "upwards of two dozen [online security] vulnerabilities" daily from his fellow cyber-criminals. If this is their way of scaring the hackers who were indicted earlier this week, we're pretty sure its working.

Here's the full indictment (via Gizmodo)
Ackroyd, Et Al. Indictment

Mr. Monsegur has been cooperating with the FBI since as far back as June and made possible arrests and charges against five of his top LulzSec deputies. In response, Anonymous hacked the website for Panda Security, a Spanish antivirus firm, and exposed passwords of dozens of members of the company's staff. The group also left a message for Sabu at the top of the defaced site.The message accuses Panda of helping law enforcement with the arrest of 25 Anons in Spain and South America last year. It also contains what Forbes calls a "bitter goodbye letter" to their former compatriot:

“Yeah yeah, we know, Sabu snitched on us. As usually happens FBI menaced him to take his sons away. We understand, but we were your family too. (Remember what you liked to say?),” the note reads, likely referencing Sabu’s habit of rallying his radical hacktivist “brothers” on Twitter. “It’s sad and we can’t imagine how it feels having to look at the mirror each morning and see there the guy who shopped their friends to police.”

And you thought cyber-terrorists didn't have any feelings!

via Fox News

This morning, officials on two continents raided top members of the hacker group LulzSec, an offshoot of Anonymous. According to a Fox News exclusive, the evidence used against them had been gathered by Hector Xavier Monsegur or “Sabu,” who was outed as LulzSec's leader last June. Sources told Fox that Sabu had been working with the government for months.

Under the alias "Sabu," Mr. Monsegur, an unemployed, 28-year-old father of two, "allegedly commanded a loosely organized, international team of perhaps thousands hackers from his nerve center in a public housing project on New York’s Lower East Side."

Mr. Monsegur apparently started working as a cooperating witness when he was identified by the FBI and pleaded guilty to "hacking-related charges" in August, in a case that will be unsealed today.

Officials believe LulzSec is responsible for billions of dollars in damage for malwebolence against the CIA, FBI, defense contractors, Fox, and Sony, among other corporations, international banks, and government entities.

As part of the raid, three men were arrested and two were charged with conspiracy. The indictment was filed in federal court in the Southern District of New York and is expected to be unsealed this morning. Of the five suspects, two men were from Great Britiain, two were from Ireland, and one was from Chicago.

Among those expected to be identified in the indictment, says Fox, are Jeremy Hammond aka “Anarchaos,” of Chicago, Jake Davis, aka “Topiary,” and Ryan Ackroyd, aka “Kayla” of London. Mr. Hammond, reportedly also a member of Anonymous, was allegedly behind the hack on Stratford, the U.S. security firm. Last July, the UK police arrested a 19-year-old believed to be "Topiary," who was once called LulzSec's "No. 2." Mr. Ackroyd, Sabu's "top deputy," according to Fox, allegedly found vulnerabilities in the U.S. Senate's computer systems and sent the intel to Sabu.

“This is devastating to the organization,” said an FBIofficial involved with the investigation. “We’re chopping off the head of LulzSec.”

In sharing theories on why LulzSec, the tech-smart "rocker hackers" disbanded last June, The Week quipped, 'Why quit while you're ahead" Reason number one? Getting caught.

In June, LulzSec announced its retirement (after "50 days of lulz") with the tweet, "What a coincidence. George Orwell was born on this day. (25 June 1903)." Shortly after that, the group jumped back to the Anonymous bandwagon to continue hacking governments under "Operation Anti-Sec."