
Feds charge confessed Anon member after tracking his digital footprints

A Texas-based Linux admin was charged with hacking into the websites of at …

Metadata included in this image helped FBI agents close in on Higinio Ochoa. He's suspected of hacking the websites of at least four police groups and in some cases publishing officers' personal information.

A Texas man has been criminally charged with taking part in a string of hacks that targeted government and law-enforcement websites under the banner of "CabinCr3w," an offshoot of the Anonymous hacking collective.

Higinio O. Ochoa III, a 30-year-old Linux administrator from Galveston, Texas, was charged with unauthorized access to a protected computer, according to documents filed in US District Court in Austin, Texas. His hacks, under a campaign his group took to calling "Operation Pig Roast," allegedly penetrated sites operated by at least four law-enforcement groups and in some cases dumped phone numbers, addresses, and other personal information belonging to police officers. He was also accused of hacking into the County of Houston's website in Alabama, a feat that required city workers to rebuild the site from a backup disk, according to FBI Special Agent Scott Jensen.

"In addition, the attacker created fake events on their online calendar, posted images representing Anonymous and CabinCr3w, deleted all the administrator accounts except the one created by the attacker," Jensen wrote in a March 15 affidavit filed in support of the charges. "All of this was accomplished by gaining unauthorized administrator access to the site's control panel."

Ochoa, who remains free on $50,000 bail and the condition he not use computers, smartphones, or the internet, has not yet entered a plea in the case. His attorney, Federal Public Defender Jose Gonzalez-Falla, declined to comment on the allegations.

But in a post published over the weekend, Ochoa admitted to being a member of CabinCr3w and having detailed discussions with Jensen about security vulnerabilities on the website belonging to the Texas Department of Public Safety.

"After FBI Agent Scott Jenson [sic] was done explaining how unimpressed he was with both my expressed skills, and information I provided the systems administrator for the texas DPS," he wrote in the post, "he then proceeded to interview me for the exact information concerning the breach of the texas DPS site. (It would seem to me neither the DPS administrator nor the FBI fully understand the 'complexity' of SQL injections.)"

Gonzalez-Falla confirmed the communication was written in longhand by Ochoa, who then gave it to someone else to post online.

Connecting the digital dots

The affidavit shows FBI agents identifying Ochoa as a suspect by piecing together a series of digital breadcrumbs left by the hackers. After some of the attacks were announced by a Twitter user called @Anonw0rmer, agents searched the Internet for users using the handle w0rmer. They quickly stumbled on this post, which was signed "Higino Ochoa AkA w0rmer" [sic]. The attack on the Texas Department of Public Safety, which this post attributed to w0rmer and CabinCr3w, used an IP address belonging to someone who resided in the same apartment building Ochoa lived in.

Investigators also mined Exchangeable image file format (EXIF) data contained in a photo on this web page that showed a woman in a bikini with a sign that read: "PwNd by w0rmer & cabincr3d." The metadata showed the image was taken with an iPhone 4, and its GPS coordinates placed it at a location in South VIC, Australia. By searching Facebook, agents soon learned that a girlfriend of Ochoa's had graduated from a high school about 700 miles away.
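How a position ends up readable in a photo's EXIF block, and how to check an image for one before it is published, shown as an added example that is not part of the original article. The function names are hypothetical, and the sample image bytes and coordinates are constructed for the example, not taken from the case.

```python
import struct

GPS_IFD_POINTER = 0x8825  # IFD0 tag pointing at the GPS sub-directory

def exif_from_jpeg(jpeg):
    """Return the TIFF-structured EXIF payload from a JPEG's APP1 segment, or None."""
    pos = 2  # skip the SOI marker (FF D8)
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker, size = jpeg[pos + 1], struct.unpack_from(">H", jpeg, pos + 2)[0]
        body = jpeg[pos + 4:pos + 2 + size]
        if marker == 0xE1 and body.startswith(b"Exif\0\0"):
            return body[6:]
        pos += 2 + size
    return None

def ifd_entries(tiff, off, e):
    """Yield (tag, offset of the 4-byte value field) for each 12-byte IFD entry."""
    for i in range(struct.unpack_from(e + "H", tiff, off)[0]):
        entry = off + 2 + 12 * i
        yield struct.unpack_from(e + "H", tiff, entry)[0], entry + 8

def degrees(tiff, value_field, e):
    """Decode the three RATIONALs (degrees, minutes, seconds) an entry points to."""
    n = struct.unpack_from(e + "6I", tiff, struct.unpack_from(e + "I", tiff, value_field)[0])
    d, m, s = (n[i] / n[i + 1] if n[i + 1] else 0.0 for i in (0, 2, 4))
    return d + m / 60 + s / 3600

def gps_from_exif(tiff):
    """Return (lat, lon) in signed decimal degrees, or None when no position is stored."""
    e = "<" if tiff[:2] == b"II" else ">"  # byte-order mark: "II" little, "MM" big
    ifd0 = struct.unpack_from(e + "I", tiff, 4)[0]
    gps = dict(ifd_entries(tiff, ifd0, e)).get(GPS_IFD_POINTER)
    if gps is None:
        return None
    tags = dict(ifd_entries(tiff, struct.unpack_from(e + "I", tiff, gps)[0], e))
    if not all(t in tags for t in (1, 2, 3, 4)):
        return None
    lat, lon = degrees(tiff, tags[2], e), degrees(tiff, tags[4], e)
    # Tags 1 and 3 hold the hemisphere letter inline: "N"/"S" and "E"/"W"
    return (-lat if tiff[tags[1]] == ord("S") else lat,
            -lon if tiff[tags[3]] == ord("W") else lon)

def sample_jpeg():
    # Constructed test input (not from the case): 10°30'0" S, 20°15'0" E
    t = struct.pack("<2sHI", b"II", 42, 8) + struct.pack("<HHHIII", 1, 0x8825, 4, 1, 26, 0)
    t += struct.pack("<HHHI4s", 4, 1, 2, 2, b"S\0\0\0") + struct.pack("<HHII", 2, 5, 3, 80)
    t += struct.pack("<HHI4s", 3, 2, 2, b"E\0\0\0") + struct.pack("<HHIII", 4, 5, 3, 104, 0)
    t += struct.pack("<12I", 10, 1, 30, 1, 0, 1, 20, 1, 15, 1, 0, 1)
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(t) + 8) + b"Exif\0\0" + t + b"\xff\xd9"
```

A `None` result from `gps_from_exif` means no complete GPS directory was found; other EXIF fields such as the camera model live in IFD0 and are not covered here.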

According to court documents, Ochoa made an initial court appearance on March 21 and was released on bail. His next court appearance is scheduled for April 10 before Magistrate Courtroom Deputy Annette French.

In the account posted online, Ochoa admitted he has cooperated with authorities.

"I turned over all accounts in my control and forfieted [sic] any protection I personally may have had to ensure they believed I was cooperating," he wrote.

It remains unclear exactly how genuine his cooperation has been. Twice in the account, he referred to his role as an informant as a "play" and he also seemed to suggest members of his hacking crew should be prepared to make personal sacrifices for the good of the whole.

"Those however who know me best would vouch for me undoutfully [sic] that doing so would put this movement at risk, something that i wish more anon's would not only consider but place higher than themselves and those around them. ALL information provided to the FBI merely made MY case weaker and caused internal confusion showing the inherent weakness in the system."

A spokesman for the US Attorney for the Western District of Texas, which is prosecuting the case, didn't return phone calls seeking comment for this article.

Listing image: photograph by Vincent Diamante
