Is the Lulz Boat well and truly sunk?

Reports surfaced last week that LulzSec was making an April Fool's come back, but how do you float a Lulz Boat that has been proven to be full of FBI holes and extremely leaky?
Written by Michael Lee, Contributor

commentary Reports surfaced last week that LulzSec was making an April Fool's come back, but how do you float a Lulz Boat that has been proven to be full of FBI holes and extremely leaky?


Hector Xavier Monsegur, aka Sabu, was a founder of LulzSec and informant for the FBI.
(Credit: James Martin/CNET)

When I first heard the news about the return of the LulzBoat, my reaction was along the lines of, "you and whose army?" After all, just about every member of LulzSec has been picked up by law enforcement, including some of the group's associates. As much as I missed the slightly sickeningly entertainment of finding out who else had been hacked "for the lulz", I wondered whether it would be possible for the group to make a return.

The announcement of LulzSec's return was strange for a couple of reasons. The announcement itself was in the form of a YouTube video, posted by another hacking group (or more probably, an individual) going by the name of Fawkes Security. But LulzSec never used YouTube during its reign, opting instead to use Pastebin, Twitter and its own site. There isn't any evidence of the group's return on any of those three channels.

Furthermore, just like anyone can be a member of Anonymous, it appears that anyone can pick up the LulzSec banner and fly it. In this case, it looks like Fawkes Security has done just that, with the video similar to LulzSec's previous ones. It also has a history of taking credit for attacks that possibly never took place, never were confirmed or had not been attributed to any group, such as an alleged distributed denial-of-service attack on Facebook.

Normally, this sort of behaviour is weeded out pretty quickly, at least it is the case with Anonymous, which has the ability to disown its own members. It recently did so with the so-called Anonymous-OS operating system that it claimed was filled with backdoors and trojans, even though there was no evidence to suggest so.

LulzSec, on the other hand, has members that are either arrested or trying to keep as low a profile as possible to avoid the same fate, who have better things to do with their time than out someone who has taken up their name. It's also highly probable that it's not one of them since most have the common sense to realise that picking up the banner would be extremely dangerous for their own safety, especially considering one of LulzSec's founders, Sabu, turned out to be a mole for the FBI. I also wouldn't blame any of them for not stepping up to the plate to correct the record.

Although it's now ridiculously easy for anyone to claim they are a part of LulzSec without being challenged, this doesn't necessarily mean the group will return to its former glory days under anyone that wants to claim infamy for themselves. One of the key differences between it and Anonymous is that LulzSec typically doesn't require the help of its followers to conduct attacks. The real work was mostly being done by the core group, which is now incapacitated.

But even if a skilled hacker decided to take up the LulzSec banner and set sail with the same message, attempts to reclaim LulzSec's now probably FBI-owned web hosting or Twitter accounts would surely raise red flags with the US Government. Not only would they have an increased risk of having the FBI breathe down their necks, but because the group worked up several enemies within the hacking community, whoever has picked up the group's work is sure to have made themselves a target for having their personal details splashed over the internet. If you're a hacker with any skill, there are better, less risky ways to hang out one's shingle.

So as much as anyone might like to hope that this announcement would bring the return of the group's former entertaining antics, the Lulz Boat has well and truly sunk.

Editorial standards