Jeremy Hammond - Show Transcript — Modem Mischief Podcast

Cold Open

The following presentation is not suitable for young children. Listener discretion is advised.

Christmas Eve 2011 was a Saturday. Thirty minutes before midnight, most people in Chicago were either nestled snug in their beds, attending a late-night mass, or trying to wrap the year’s hottest toy, a Mattel Sing-a-ma-jig, while blasted on egg nog.

But not Jeremy Hammond.

The 26-year-old scrawny white guy with dreadlocks was alone at his computer inside his red brick apartment in Chicago’s Bridgeport neighborhood.

Ordinarily, he’d do tonight’s job from a coffee shop or a university, using the publicly available WiFi. But because of the holiday, that wasn’t possible. He could also break into an abandoned building and piggyback off a nearby signal, but on Christmas Eve that was too depressing to think about.

Not that Jeremy had much Christmas cheer. A proud anarcho-communist, he had little use for religious holidays.

Jeremy put on some music.

[SFX: punk rock].

He took a swig of juice. A committed dumpster diver, He’d recently salvaged several gallons of the stuff from the trash bins outside a local Odwalla plant. Like many corporations, Odwalla threw away tons of perfectly good product. So much waste. One of the countless reasons why Jeremy felt corporations should be abolished.

But now, it was time for tonight’s work.

Jeremy pulled up his Tor browser, the weapon of choice for a hacker who wished to stay anonymous. He logged onto the internal servers for Strategic Forecasting, Inc., or Stratfor. Based in Austin, Texas, it served as a sort of private intelligence agency.

Say you’re a multinational corporation like Raytheon or Dow Chemical. Cyberattacks are a fact of life. From criminals, foreign spies, or even political activists.

You could always ask law enforcement for help. Or, you could hire Stratfor. The company was famous for its newsletter, but it also compiled intelligence reports, threat assessments, even dossiers on individual hackers. All of this for a cool $40,000 annual subscription fee.

In other words, Stratfor was an average cog in the military-industrial complex. And that made Stratfor Jeremy’s sworn enemy.

See, Jeremy wasn’t just an anarcho-communist, and he wasn’t just a hacker. He was also a member of Anonymous, the loosely organized hacktivist collective whose enemies included everyone from murderous Arab dictators to the Church of Scientology. More specifically Jeremy was part of an Anonymous splinter group called LulzSec. But we’ll get to that.

Jeremy broke into Stratfor’s servers earlier. Since then, he and his crew scoured them for every bit of information possible. But tonight, it was time to drop what Jeremy would later describe as a digital nuclear bomb.

He typed in the command and dropped his bomb. Within seconds, all of Stratfor’s servers were wiped clean.

Then he navigated over to the HTML page for Stratfor’s website, where he posted a prepared message:

MERRY LULZXMAS! ARE YOU READY FOR A WEEK OF MAYHEM? H0H0H0H0H0!

Below that, Jeremy uploaded documents containing Stratfor’s customers’ personal information, along with receipts proving that LulzSec had made charitable donations with their credit card numbers.

The message continued for thousands of words—as much a manifesto as a warning. It ended with the full text of French anarchist diatribe The Coming Insurrection, which concludes:

“It’s useless to wait . . . for the revolution. The catastrophe is not coming, it is here.”

With that, Jeremy logged onto IRC and sent his crew a message:

We in business.

Jeremy relished the thought that he’d just ruined Stratfor’s Christmas. And this was just the start. Jeremy planned to make hundreds of more hacks against similar targets, anyone he felt was a threat to individual freedom.

Jeremy knew this would make him a wanted man. But Jeremy didn’t know that he already was a hunted man, and the wolves already smelled blood.

On this episode: Chicago activism, Anonymous, Scientology, Wikileaks, drug cartels, betrayal, and the military-industrial complex.

I’m Keith Korneluk and you’re listening to Modem Mischief.

You're listening to Modem Mischief. In this series we explore the darkest reaches of the internet. We'll take you into the minds of the world's most notorious hackers and the lives affected by them. We'll also show you places you won't find on Google and what goes on down there. This is the story of Jeremy Hammond.

Act One

Now let’s rewind about eight years, and zoom out to about 6,400 miles to the east.

In the early morning hours of March 19, 2003, the US military sent an order to several warships, submarines, and warplanes: attack a series of targets as soon as possible.

At around 5 a.m. local time, those ships and planes began their assault. Dozens of Tomahawk missiles streamed into the early morning sky.

SFX: missiles launching and exploding

They would land on a series of targets that the US military designated as vital to the command structure of Iraq’s military. The Pentagon called this operation “shock and awe.”

News cameras captured it all. These were the first images broadcast from the Iraq War.

Jeremy Hammond saw them too. In fact, he’d anticipated these missile strikes—this war—for months.

The US, Britain, and its allies spent much of 2002 and the beginning of 2003 desperately trying to convince the world that invading Iraq was justified. Jeremy wasn’t buying it, and neither were millions of like minded people. Or at least, he hoped so. Today, he had no idea if anyone would back him up.

Even though Jeremy was just a high school student, he’d done his part to oppose the war. Along with his brother Jason, they’d started an underground newspaper criticizing the Bush administration and its increasingly warlike rhetoric. Their newspaper certainly wasn’t popular among their classmates, many of whom followed their parents in supporting the wars.

Jeremy and Jason used their newspaper to put the word out: the moment America invades Iraq, we’ll be there to oppose it. And now here Jeremy and Jason were, sitting in the school parking lot at Glenbard High School in suburban Chicago, hoping someone, anyone would show up to support the cause.

Jason put a hand on Jeremy’s shoulder.

Eh, screw ‘em. We can still protest, just the two of us.

But then, a car pulled into the parking lot. It belonged to one of his fellow students. His spirits lifted, just a bit. And then another car pulled up, and another.

Soon, over 100 of his fellow students gathered around the scrawny high school senior with bleached blond hair—the dreadlocks were just a dream at this point. He led them on a march to downtown Chicago, where they joined over 18,000 other war protesters. They did this with the full support of their school administration. The principal admired Jeremy. He would later say Jeremy always seemed older than his years.

Jeremy was born in 1985, and he was practically destined to be an activist. His father, Jack Hammond, was a guerilla filmmaker, music producer, and guitar teacher who encouraged his sons to speak out against injustice whenever they saw it. His mother, Rose Collins, was much more conservative and conventional, and she left her family when the boys were three. Rose paid child support.

Jeremy showed an aptitude for computers. Once, on a visit to an Apple store, Jeremy used a display computer to hack into the business’s books, then displayed them on a project in front of all the customers. He did this not as a prank, but to demonstrate the store’s poor security. The employees were grateful.

Jeremy was never studious but still got excellent grades. His mother Rose would later say he was a genius who lacked wisdom.

Really, there were two Jeremies…the activist who followed Gandhi’s call to be the change you wish to see in the world, and the hacker who wanted to use his skills to do just that. Jeremy wanted to change the system. As he’d later put it, he didn’t support leftist or right-wing ideals, but anarchy.

After organizing the Iraq War protest in high school, Jeremy enrolled in the University of Illinois-Chicago in the fall of 2003. There, he continued his political activism, rallying his fellow students in opposition to the war. Inspired by Chicago activist Abbie Hoffman’s Steal This Book, Jeremy launched Hack This Site, a website that encouraged its hackers to hack it to hone their hacking skills. Soon it was receiving hundreds of thousands of visitors a month.

But the good times didn’t last.

One day the fall of his freshman year, Jeremy discovered a vulnerability in the computer science department’s website. Just like he did at the Apple store as a boy, he hacked the site, installed a backdoor that would allow him unlimited access, then passed along the info to the webmaster.

But this time, the university wasn’t grateful. Jeremy had a disciplinary hearing. It didn’t help that he’d already been in trouble for weed possession and vandalism. Jeremy wasn’t invited back for the spring.

Without college as a distraction, Jeremy threw himself into Chicago’s political activist scene. He protested the Iraq War, and demonstrated for gay marriage, immigrant rights, and homeless rights. He also spent dozens of hours each week volunteering, building websites for nonprofit organizations or teaching underprivileged kids how to use computers.

In their spare time, Jeremy and Jason played with their ska band, Dirty Surgeon Insurgency.

Sfx: one of their songs maybe? (https://www.youtube.com/watch?v=cMuRsNMgtHc)

Yet getting kicked out of college was a transformative experience in Jeremy’s life. He’d been optimistic about the prospects of protesting peacefully within a system to effect change. Now, that didn’t seem to go far enough.

In 2004, he was arrested for fighting anti-gay protesters at a Pride parade. Jeremy felt also his two passions should be more intertwined—that hackers should be activists, and vice versa. He launched a publication titled Hack This ‘Zine.

In July 2004, Jeremy attended DefCon, an annual hackers’ convention in Las Vegas. There, he gave a fiery speech urging his fellow hackers to commit civil disobedience. In particular, Jeremy wanted hackers and activists to attack the upcoming Republican National Convention in New York City, which would see George W. Bush nominated for a second term.

We’d like to see every method of disruption possible, Jeremy said. Whether it be shutting down the power to Madison Square Garden, or defacing 10,000 different Republican websites. We’d like to see RNC delegates get harassed on the streets,

Fuck ’em up! Shut ’em down!

One person in the audience raised their hand.

Are you advocating terrorism?

One man’s freedom fighter is another man’s terrorist. Let them call us terrorists; I’ll still bomb their buildings.

The speech got the FBI’s attention.

Two agents from the Chicago field office surveilled him for weeks. They often observed him venturing into dumpsters for food. Finally, the agents approached Jeremy for a “friendly conversation.” They asked about the DefCon speech. Jeremy told the agents he was just trying to hype up the crowd, that he wasn’t actually going to blow anything up. He was just a college activist.

The agents left, but Jeremy knew they’d be watching.

Jeremy’s fellow hackers didn’t disrupt the Republican National Convention. All Jeremy and Jason could do was travel to New York City and do a “noise disruption” during the convention, banging on drums to interrupt the events.

[sfx]: banging on drums

He was detained and held at New York’s infamous Tombs prison, but ultimately not charged.

All of Jeremy’s leftist activism put him in constant conflict with his right-wing counterparts. Months after the RNC protest, Jeremy was arrested once again, this time in Toledo, Ohio, for trying to disrupt a protest by a group of white supremacists.

Naturally, these battles migrated online. One of Jeremy’s biggest nemeses was a website called Protest Warrior.

Protest Warrior and the people who founded it are Jeremy’s polar opposites, but in many ways they’re also Jeremy’s mirror image.

Protest Warrior was founded by an ex-film student named Alan Lipton and his childhood friend Kfir Alifa. Born in Israel, Alifa was working as a software designer who hated liberal San Francisco and the State of California’s income tax.

They felt that the leftist movement and its anti-war protesters were “morally bankrupt.” Lipton and Alifa began crashing leftist protests in 2003.

They weren’t violent, but it was clear what they stood for: capitalism, conservatism, and the American way of life.

Soon, they founded Protest Warrior with the slogan: “Fighting the Left…Doing it Right.” Rush Limbaugh gave them a platform on his radio show, and Protest Warrior became an online hangout for Bill O’Reilly fans, with over 5,000 members.

Jeremy hated Protest Warrior.

By now, Jeremy had a cohort of hackers he’d met through Hack This Site. He knew they could do the most damage online. In January 2005, Jeremy probed Protest Warrior’s website security and was thrilled to learn it was amateurish. Once inside, Jeremy created the username Weareeverywhere and accessed ports on every corner of the Protest Warrior server, including the database where it stored credit card numbers, which Protest Warrior members used to buy Protest Warrior merch.

He also couldn’t resist a little taunting. He uploaded a file to the server that read:

Hacker anarchists are everywhere!

Jeremy harvested around 5,000 credit card numbers. He planned to use these credit card numbers to make donations to organizations that Protest Warrior members loathed, like the ACLU or the American Communist Party.

Problem was, Jeremy didn’t know how to make donations with stolen credit cards. He asked one of his hacker friends for tips. They chatted about it online, but it went nowhere.

Even so, this would prove to be a huge mistake. This hacker—they haven’t been named—was beginning to disagree with the direction the hack was going.

Jeremy logged onto Indymedia, a collection of websites for hosting media, and he posted the names of Protest Warrior’s members, along with their email addresses, passwords, and phone numbers of along with a message:

“ProtestWarriors are fighting against the democratic process while claiming to uphold the ‘core values of this country,'” It is unpatriotic to blindly accept and obey the dogma of the ruling classes, and to lash out at peace activists who are trying to build a better world is intolerable. We’re shutting you down.”

Finally, he shut down Protest Warrior’s server.

The attack generated news headlines around the world. In retaliation, angry Protest Warrior members hacked Indymedia, which was innocent. Meanwhile, Kfir Alifa decided to investigate the matter himself.

Soon, Alifa discovered the user account Weareeverywhere and its unauthorized access to his servers.

Then, he had a stroke of luck. He noticed another suspicious account on his site, this one belonging to Jeremy’s disaffected hacker colleague. Alifa reached out to the hacker, and the hacker told him everything—including Jeremy’s real name, and his plan with the credit cards.

Finally, Alifa went to the FBI with what he knew. The FBI of course already knew Jeremy.

The FBI raided the apartment Jeremy shared with his girlfriend, then headed over to his father Jack’s house. Jack answered the door.

Jeremy, the FBI’s here!

Jeremy was just getting out of the shower. He threw on some clothes. He recognized two of the agents as the same ones who’d questioned him earlier.

Jeremy, we know all about Protest Warrior. What we’d like to know is the names of everyone involved.

I want to talk to a lawyer.

They left 10 minutes later. Over the next several months, Jeremy and his lawyers negotiated with the FBI. Jeremy claimed it was an act of political protest, not theft. He hadn’t actually charged anything on the cards.

But he refused to name names, so the Assistant US Attorney was threatening 30 years for the credit card fraud. He was also pushing for a $2.5 million fine--$500 for each of the 5,000 stolen cards.

While these negotiations were ongoing, Jeremy could have stayed out of trouble. Instead, he got arrested in 2006 for disorderly conduct after her spray-painted the words "While you are shoppin' / Bombs are droppin'” outside a Walgreen’s.

In the end, Jeremy agreed to plead guilty to “breaking into a computer system and obtaining information," a felony offense. He was sentenced to two years in a medium-security prison and ordered to pay Protest Warrior $5,358.

His friends from Hack This Site rallied to support him. They started a website, FreeJeremy.net, which attracted thousands of visitors a month and hosted a petition to set him free.

He finally reported in December 2006, after one last party with his Chicago hacker friends.

Jeremy had been arrested 10 times overall by the time he was 21, but this stretch was his first real prison time. No activism or hacking for the next two years.

But Jeremy wasn’t willing to give up. He was just getting started.

Act Two

And then you just plug everything into the quadratic formula, remember?

Jeremy pointed to the formula, printed on the textbook page.

How am I supposed to memorize this bullshit? His fellow inmate asked.

You don’t have to. They’ll give it to you on the test. All you have to do is remember which numbers go where. Start with the coefficients…

Jeremy worried about this guy’s chances. He’d tutored many of his fellow inmates over his almost two years at the prison in Greenville, Illinois. It was a good way to pass the time considering he was forbidden access to computers. But it was also a good way to give back from the inside, Or even give a little fuck you to the system. One of Jeremy’s causes has long been abolishing prisons.

As his student began solving the math problem, Jeremy’s cellmate approached.

Yo Hammond, check this out. I know you’re into that hacking shit.

He tossed today’s Chicago Tribune onto the table. There was a headline that read, “Church of Scientology Knows Anonymous.”

Jeremy skimmed the story. Apparently, a loose collection of hackers who called themselves Anonymous and liked dressing up in Guy Fawkes masks had declared an online war against the Church of Scientology.

Scientology, Anonymous claimed, was responsible for brainwashing its members as well as abusing copyright laws by trying to get a video of Tom Cruise endorsing the pseudo-religion removed from the Internet:

Tom Cruise: I think it’s a privilege to call yourself a Scientologist, and it’s something you have to earn. (https://youtu.be/UFBZ_uAbxS0?t=15)
The article went on to detail how Anonymous attacked the organization: urging its members to bombard Scientology’s servers with denial-of-service attacks, hosting documents stolen from said servers, or even just faxing Scientology centers all black pages to make them waste ink.

Amateurs, Jeremy thought.

True, he had no use for Scientology or any other money-making scam—

Just kidding! Hail Xenu and his mighty lawyers!

--But as far as problematic organizations were concerned, Scientology was way, way down Jeremy’s list of priorities.

Plus, these Anonymous types seemed more like a bunch of over-caffeinated teenaged pranksters than actual hacktivists. He set the paper aside and returned to his tutoring.

Jeremy was released from prison about six months later, in the summer of 2008. One of his parole conditions stipulated that he couldn’t associate with any of his friends from Hack This Site for three years. He moved back to Chicago and worked as a web designer. He was willing to leave his hacking behind, but the pull of real-world activism was just too strong.

In September 2009, Chicago was preparing a bid to host the 2016 Olympics. Like other Chicago activists, Jeremy felt that the Windy City was prioritizing the Olympics while neglecting its problems. So, Jeremy and his twin brother Jason printed a large banner promoting the 2016 Olympics, took it to Daley Plaza, and set it on fire. They were promptly arrested.

One week later, Jeremy and Jason learned that a Holocaust denier named David Irving was giving a speech in town. Jeremy and Jason and some friends crashed the event wearing all black and doused copies of Irving’s books with fake blood. Resulting in, you guessed it, another arrest.

Obviously, his probation officer looked poorly on this behavior. The second arrest got Jeremy 130 hours of community service and upgraded him to “enhanced probation.” This meant that his probation officer and the Chicago PD could raid his home at any time, for any reason. At one point, they would arrest Jeremy for possessing what he called “a bag of sage.”

Jeremy continued to dismiss Anonymous. But in December 2010, everything changed.

Jeremy had been following the saga of Julian Assange—and if you want to know more about Assange, check out episodes 25 through 27 of Modem Mischief.

In December 2010, the US government pressured financial institutions like Mastercard, Visa, and PayPal to refuse to allow donations to Assange’s embattled whistleblower organization, Wikileaks. In retaliation, Anonymous members launched “Operation Avenge Assange,” hitting those institutions with DDOS attacks.

Finally, Anonymous seemed to be getting its act together. They might not be particularly skilled hackers, but they were making a difference. Jeremy especially admired an Anonymous hacker who went by the name Sabu.

Sabu’s real name was Hector Xavier Monsegur. He was two years older than Jeremy. Born in New York City with Puerto Rican heritage, he grew up in the Jacob Riis projects. After his father and aunt went to prison for heroin trafficking when he was 12, he was raised by his grandmother.

Hector grew up surrounded by gang violence. He loved computers. His family couldn’t afford a fast Internet connection, but he figured out how hack EarthLink accounts and get online for free. He taught himself Linux.

In high school, Hector spent his spare time fixing the school’s computers. One day, the school’s head of security caught Hector with a screwdriver and confiscated it. Outraged, Hector accused the head of security of “corporal punishment.” When this went ignored, he distributed a homemade pamphlet to his fellow students, alerting them to this injustice.

Weeks later, he was expelled.

Without high school, Hector found solace online. He went by the name Sabu, borrowed from a flamboyant local wrestler who loved to brag. As Sabu, he took part in his first hacktivism. When the United States accidentally killed a Puerto Rican civilian during a live fire exercise, Sabu defaced Puerto Rican government websites with the message: Give us the respect we deserve. Or shall we take it by force? Cabron.

In 2001, when a hacker war broke out between America and China over a crashed spy plane, Sabu joined a small-time independent hacktivist crew called “Hackweiser” and crashed Chinese websites--and if you want to learn more about the Chinese side of that hacker war, check out episode 35.

In 2010, when Sabu was 26, his grandmother passed away and he was granted custody of his two young nieces, whom he viewed as his daughters. To support them, he turned to criminal hacking. He stole credit cards and cashed them

Like Jeremy, Sabu was impressed when Anonymous successfully attacked PayPal. Shortly after that hack, he signed up on Anonymous’s chat board as Sabu.

Once Hector joined Anonymous, he quickly showed his leadership and networking skills. He formed a splinter group of elite Anonymous hackers, which he called “Internet Feds.”

Early in 2011, the Arab Spring uprisings broke out. Internet Feds defaced government websites in Libya, Tunisia, Egypt, and Bahrain.

Jeremy watched all of this with interest. Internet Feds seemed to be the very thing Jeremy had advocated for in his DefCon speech–a loose collection of hacktivists who wanted to shake up the system.

In early 2011, Jeremy reached out to Internet Feds. Jeremy quickly ingratiated himself with Sabu and the other members of the group. It wasn’t difficult. Jeremy was a bona fide hacker whose skills surpassed anyone in Internet Feds.

At different times, the Anonymous splinter group had between 6 and 11 members. Like Hector/Sabu, all used pseudonyms, like Kayla, Palladium, or Topiary. To cover his tracks, Jeremy went by up to nine nicknames, including sup_g and Anarchaos,

But just as Jeremy was joining the group, tensions within the group were boiling over.

Sabu’s increasingly extreme tactics, and his tendency to brag about them, stirred dissent within the group. One disgruntled member published Sabu’s real name and identifying information. Soon after, in June 2011, the FBI showed up at Sabu’s door.

In fact, the Feds had been investigating Anonymous since the year before. Sabu knew he was busted, and he agreed to cooperate.

Jeremy and the other members of Internet Feds didn’t realize their leader was now an FBI informant. Shortly after his release, Sabu announced an operation called “50 Days of Lulz.” It would be a series of hacks against corporations, gaming sites, and porn sites. He would eventually change the name of their group to LulzSec. After 50 Days of Lulz, Hector announced another LulzSec project called “Operation Antisec.” This would be a series of strikes against governments, companies, and law enforcement agencies.

It’s likely Sabu did all of this with the FBI’s guidance, all to incriminate his own crew.

If Jeremy had any reservations, he ignored them. His first known operation with LulzSec was called Chinga la Migra, or “Fuck the Border Patrol.”

Recently, Arizona passed State Bill 1070, requiring immigrants to carry ID at all times. It’s one of the strictest immigration laws in the country.

In retaliation, Jeremy and his fellow LulzSec members broke into the website for the Arizona Department of Public Safety and published thousands of documents, like intelligence bulletins, training manuals, emails, and identifying information belonging to Arizona law enforcement.

Jeremy thought he’d finally found his people. His mind raced with possibilities. He came up with ideas for hundreds of hacks, both in the US and around the world.

Now, here’s where the story gets wonky.

Like we said, LulzSec had somewhere between 6 and 11 members, led by Sabu and including Jeremy. But there were many other members of Anonymous who aspired to join the elite crew.

But FBI had been monitoring Anonymous since 2010. It’s possible that some or all of these aspiring LulzSec members were already working with the FBI. We don’t know, and neither did the members of LulzSec—except for maybe Sabu. We’ll leave it to you to judge.

One of these aspiring members went by the handle Hyrriya, or H-Y-R-R-I-I-Y-A. They’d been lurking on the Internet Feds/LulzSec message boards for months, looking for a way to impress Sabu and the others.

In mid 2011, Hyrriya came across a news report indicating that Anonymous planned to target Mexican drug cartels. The report cited a private intelligence firm based out of Austin Texas called Strategic Forecasting, or Stratfor.

Like we said up top, Stratfor functions as a sort of subscription-based CIA. Its clients included corporations, law enforcement agencies, NSA officers, and more.

Stratfor’s reputation wasn’t much to speak of. Its monthly newsletter has been described as, “Whatever’s in the Economist, but a week later and exponentially more expensive.” It charged $30,000 for a yearly subscription.

Curious, Hyrriya poked around Stratfor’s website. They were shocked to discover that two of Stratfor’s internal databases didn’t even have password protection over Stratfor’s systems, which included intelligence reports, client data, and credit card numbers.

According to Hyrriya’s account of events, they sat on this development for two weeks before passing it on to Sabu:

So I hax this intelligence company. By accident, Hyrriya wrote. Im trying to see who are their sources. But I do have their clients. And it’s big clients.

Hyrriya went on to say that he had credit card information for Stratfor’s biggest clients, like Monsanto, Microsoft, Oracle, and Cisco.

Oh beautiful, Sabu responded.

Sabu knew this development could be a big score for LulzSec and its Antisec project. He also knew it could be a perfect opportunity to help the FBI snag some LulzSec members.

We don’t know whether Sabu passed along the news that Stratfor was hacked to his FBI handlers. We do know that within a day of his conversation with Hyrriya, he reached out to Jeremy to tell him about the security vulnerability.

For weeks afterward, Sabu watched as Jeremy and his LulzSec comrades raided Stratfor’s servers. They took off with over 200 gigabytes of information, which included 5.2 million emails, account information for approximately 860,000 Stratfor subscribers and clients, including 60,000 credit cards

LulzSec passed the emails on to Wikileaks, which began publishing them. Then, LulzSec began using the credit card numbers to make fraudulent donations—just like Jeremy tried to do with Protest Warrior.

While Sabu watched Jeremy, the FBI watched Sabu. His New York City apartment was under constant surveillance. Video cameras, microphones, even keystroke loggers on his computer.

On Christmas Eve, 2011, Jeremy and his cohorts launched LulzXmas, demolishing Stratfor’s servers.

Did Sabu organize LulzXmas? Or was it Jeremy? Did it happen under the FBI’s supervision, or did Sabu keep it from them?

We don’t know.

What we do know is that once Jeremy launched his nuclear bomb at Stratfor’s servers, the FBI had enough to incriminate Jeremy. Now, all it had to do was prove its case.

Act Three

Two days after the Christmas Eve hack, Jeremy couldn’t help but celebrate online with his LulzSec friends.

While logged in as his sup_g alias, Jeremy and another LulzSec hacker talked on Internet Relay Chat:

This stratfor shit was bigger shit than old shits. at least it deserves no critics, the hacker wrote.

Oh yes, Jeremy wrote back. notice no one is throwing around script kiddie comments...

this time was classy and thats perfect. we produced a cool video. we announced luzxmas. we hacked big shit. we donated by $1,000,000. and we destroyed a big serious intel corp.

In reality it was more like $700,000, but here the hackers were, openly taking responsibility for the hacks.

Of course, all of this online chatter went right onto an FBI server. For the FBI, the challenge was proving sup_g’s real identity.

Like we said, Jeremy was using Tor browsers, stolen WiFi signals, and up to nine online identities to conceal his tracks.

It was hard enough for the FBI to prove that sup_g was the same person as any of these aliases. Agents scoured Hector Monsegur’s/Sabu’s computer, combing through months of chat logs between Anonymous members and Jeremy and his various online aliases.

The other members of Anonymous knew most if not all of these aliases were the same person…he didn’t exactly alter his communication style for each one of them. Often, in one on one chats they would misname Jeremy, for example calling him Anarchaos when he was logged in as sup_g. Jeremy would immediately log off from the chat, but this was confirmation enough for the FBI that sup_g was also Anarchaos.

The full list of aliases includes:

Sup_g

Anarchaos

Burn

Yohoho

POW

Tylerknowsthis

Crediblethreat

Ghost

And anarchacker

By studying all nine of these identities, the FBI slowly teased out a sketch of their suspect. He mentioned friends getting arrested at a Midwest Rising protest against tar sands drilling in St. Louis, which likely placed him in the Midwest.

As both Anarchaos and yohoho, he mentioned getting detained but not charged during the New York City Republican National Convention in 2004. Through this lead, the FBI found Jeremy’s name.

They ran Jeremy’s criminal record and found that he’d mentioned several of his other run-ins with the law on IRC. As Anarchaos, he confided in Sabu about about being arrested for marijuana possession, which Jeremy had twice. He talked about going to federal prison for the Protest Warrior hack.

Jeremy talked about his criminal past not to brag, but to offer his advice and expertise to other Anonymous members who might be going to jail. Even so, this was the tissue that connected many of his aliases together.

As POW, he even talked about loving of eating discarded food, when he wrote: dumpster diving is all good i'm a freegan goddess

Agents checked records from earlier surveillance of Jeremy back in 2005, and noted that he had been seen going into dumpsters for food.

Sifting through all this evidence took two months. But another possible reason for the delay in arresting Jeremy? Julian Assange and Wikileaks.

Wikileaks had been a thorn in the US government’s side since Julian Assange presented the Collateral Murder video. The fact that LulzSec had passed on the Stratfor documents to Wikileaks meant that LulzSec was a strong lead towards a larger goal—snagging Assange and shutting down Wikileaks.

Over those two months in early 2012, Sabu repeatedly tried to contact Julian Assange through one of Assange’s assistants, only to be ignored. Given that the FBI was monitoring everything Sabu did and literally dictating his actions, it’s difficult not to conclude that the FBI was trying to use Sabu to get to Assange. However, Assange never took the bait.

Finally, on February 29th, 2012, the FBI finally had Jeremy’s physical location at his apartment in Chicago.

They spent the next six days monitoring Jeremy and his Internet activity. They noted his frequent use of a Tor browser. With Sabu’s help in New York, the FBI was able to confirm when Jeremy was and wasn’t on the LulzSec chat rooms on IRC or Jabber, which often coincided with periods when Jeremy was in and out of his apartment.

For Jeremy the early months of 2012 were difficult. He’d been an avid supporter of the Chicago chapter of the Occupy Wall Street movement. Lately, he’d been trying to support arrested members of the Occupy movement by hacking into the law enforcement agencies that detained them, but there was little he could do. On top of that, his father Jack was arrested in January for allegedly molesting an underage guitar student.

With the FBI’s supervision and guidance, Sabu continued to run LulzSec, assisting on other hacking operations to entrap members of the group. To maintain his cover, he continued angrily Tweeting from his account that now had tens of thousands of followers.

Finally, on the evening of March 5, Jeremy was smoking pot and chatting with friends in the kitchen of his Chicago home in Bridgeport, when the front door was kicked in. Someone threw a flash bang.

SFX: flash bang

Dozens of FBI agents in riot gear stormed into Jeremy’s apartment.

Get on the ground now!

They took him without a fight. He’d long known that arrest was a possibility after joining LulzSec, and by now he was grimly familiar with prison.

Like they had in 2005, Jeremy’s friends came to his defense. They started the Free Jeremy Hammond Committee, which quickly gathered thousands of followers on Twitter. This would keep a spotlight on Jeremy’s case. He hoped that would be enough to get him free.

Jeremy’s case went to the US Attorney’s office for the Southern District of New York. He was transferred from Chicago to New York City, where he hadn’t been since the 2004 RNC protests.

Jeremy, now 27, was housed in Manhattan’s Metropolitan Correctional Center. He struggled to stay out of trouble, testing positive for marijuana and receiving “disciplinary tickets” for rebellious behavior.

In total, Stratfor estimated that the damage done to its brand, due to the hack itself and the subsequent loss of subscriptions, totaled $2 million. On top of that, the FBI confirmed that Jeremy and his LulzSec cohorts charged over $700,000 on credit cards stolen from Stratfor’s customers.

The crux of Jeremy’s case hinged on his responsibility for the Stratfor hack. The government contended that Jeremy masterminded the whole thing. Jeremy’s lawyers countered that it had been Sabu who convinced Jeremy to hack Stratfor, and that it had been Hyrriya, the enigmatic wannabe LulzSec member, who’d first discovered the Stratfor vulnerability.

In May 2012, Jeremy’s lawyers produced a letter from Hyrriya. In it, Hyrriya took responsibility for the discovery in an attempt to absolve Jeremy—which leads to more questions. Like, if Hyrriya was an FBI informant, why try to sabotage the government’s case?

In the end, the government’s case was too strong. It had spent months collecting evidence against Jeremy that thoroughly showed he was involved with the Stratfor hack, if not directly responsible.

In November 2013, Jeremy got the maximum possible sentence: 10 years.

In a newspaper interview, he expressed no surprise or regret over his fate.

I knew when I started out with Anonymous that being put in jail and having a lengthy sentence was a possibility. Given the nature of the targets I was going after I knew I would upset a lot of powerful people.

But ten years was ten years. He’d be 37 by the time he was released.

A decade without access to the Internet, without the ability to protest, without being able to hang with his brothers or his friends. Unable to affect the outside world

Jeremy wondered if he’d ever be the same.

Act Four

Five years later, in November 2018, Jeremy was exiting his unit at Michigan’s Federal Correctional Institute-Milan. As he pushed the door open, he felt it bump up against a security guard.

Oh, sorry about that.

That’s Jeremy’s version of events.

According to the guard, Inmate Hammond deliberately slammed the door into him, stood his ground, and then shoved his shoulder into him.

Either way, what happened next wasn’t in dispute. The guard grabbed Jeremy, pushed him against the wall, and dragged him away to solitary confinement. Jeremy would stay in solitary for three weeks.

No stranger to prison life, this was just one more degrading experience for Jeremy. He knew he wasn’t the sort of prisoner whom the guards favored. Ever since his incarceration, the Free Jeremy Hammond Network had kept Jeremy’s case in the news. He’d given several interviews to the media from behind bars. He never showed remorse. Instead, he regretted not being able to hack any of the other hundreds of targets he wanted to as part of Operation Antisec.

But as the years went by, Jeremy’s stance softened. His experience with Anonymous hadn’t ended well. He’d been betrayed by someone he thought was a friend. After his stint in solitary, he would give one more interview, in which he said he would stay out of trouble.

As for Hector Monsegur aka Sabu, the hacker/social engineer and ringleader of LulzSec got off relatively easy. In May 2014, he was sentenced to seven months in prison for his participation with LulzSec and Anonymous. However, his cooperation with the FBI’s investigation meant that his sentence was converted to time served. He received one year of probation.

Sabu’s cooperation with the FBI ultimately led to the arrests of five other members of LulzSec. They include:

A 19-year-old Irish hacker named Donncha O'Cearrbhai (Pronounced “O’Carroll”), aka Palladium. Among other activities, he hacked the website for a tabloid owned by Rupert Murdoch and posted a fake obituary for Murdoch suggesting he’d ingested, you guessed it, palladium. His case dragged on until 2017, until he pleaded guilty to two counts of damaging a website in relation to a prank. His sentenced was suspended.

Then there was Kayla, who in reality was a 25-year-old British ex-soldier named Ryan Mark Ackroyd. He was sentenced to 30 months in prison for hacking Sony as part of LulzSec.

Then there was 18-year-old Jake Davis, who lived in Great Britain’s Shetland Islands and went by the name Topiary, along with his friend from Essex, Ryan Cleary, who simply went by “Viral.” They were part of the hack that humiliated Anonymous’ nemesis, HB Gary CEO Aaron Barr. Davis was sentenced to two years in prison but was released early, while Cleary was sentenced to 32 months.

Finally, there was Tflow. He’d co-founded LulzSec along with Sabu. He was a 17-year-old teenager from London named Mustafa Al-Bassam. He’d written a script Tunisians could install on their web browsers that allowed them to avoid surveillance from their own government. He received a 20 month suspended sentence.

But Jeremy was the only American arrested and imprisoned because of the LulzSec hacks.

In 2020, Jeremy was released from prison and moved into a halfway house. Since then, he’s stayed out of the news.

But Jeremy’s role in shaping the hacktivist movement was substantial. At his core, Jeremy was an activist who helped define what it means to be a hacktivist—before he even joined Anonymous. Once he did, he helped guide the organization towards a more politically motivated mindset. It was only the betrayal of a friend, and his own carelessness, that brought him down.

Jeremy Hammond always assumed the feds were onto him, but he went about his activism anyway. He’s paid the price for it, but his impact echoes today.

CREDITS

Thanks for listening to Modem Mischief. Don’t forget to hit the subscribe or follow button in your favorite podcast app so you don’t miss an episode. This show is an independent production and is wholly supported by you, our listeners and the best way to support the show is to share it. And another way to support us is on Patreon or as a paid subscription on Apple Podcasts. For as little as $5 a month you’ll receive an ad-free version of the show plus bonus episodes exclusive to subscribers. Modem Mischief is brought to you by Mad Dragon Productions and is created, produced and hosted by me: Keith Korneluk. This episode is written and researched by Jim Rowley. Edited, mixed and mastered by Greg Bernhard aka Sir Gregosaurus Rex. The theme song “You Are Digital” is composed by Computerbandit. Sources for this episode are available on our website at modemmischief.com. And don’t forget to follow us on social media at @modemmischief. Thanks for listening!