People on Boat with File of Papers in Water Illustration

When Anonymous hackers are your source, things get messy.

On Thursday, journalist Adrian Chen released a review of Gabriella’s Coleman’s new book, Hacker, Hoaxer, Whistleblower, Spy, an inside look at the hacktivist collective Anonymous. Chen dismissed the work as an “artful advertisement for Anonymous,” one that lacks objectivity and overlooks the group’s misfires.

“[T]he members of Anonymous barge into issues they know nothing about and proceed with the only logic they understand—believing, as Coleman does, that their position as a technological elite gives them an innate political ability. Along the way, they are helped by a tech-crazed media desperate to find a tech angle in struggles for social justice, like Ferguson.”

Chen knows the position of “tech-crazed media” all too well. In August of 2011, Chen, then a reporter at Gawker, offered money to hacktivists who claimed to have acquired a bevy of top-secret NATO emails and documents after hacking Britain’s News of the World, according to chat logs obtained by the Daily Dot. The chat logs show how the FBI was privy to a media misinformation campaign involving its own informant and a journalist’s efforts to expose a NewsCorp-affiliated publication. (Disclosure: Daniel Stuckey and Andrew Blake have at various times shared responsibility for @YourAnonNews, a Twitter account that promotes hacktivism and is loosely affiliated with Anonymous. They were not involved with the account during this story’s events of 2011-12.)

The chat logs are part of a cache of sealed court documents from the trial of hacker Jeremy Hammond, obtained in April. They include countless conversations had online by Hector Xavier Monsegur, the hacker turned informant to the Federal Bureau of Investigation (FBI) responsible for Hammond’s downfall. Previous investigations have found that Monsegur led the cyberattacks on an Austin-based intelligence firm, Stratfor; a cybersecurity contractor working with the bureau, Mantech; and a host of government-owned servers in foreign countries—all of which call into question the FBI’s ability to supervise its own informants. 

sabu and chen pullquote 1

Eager to expose further corruption at the Rupert Murdoch-owned News of the World (NoW)—after a Guardian report revealing it for phone-hacking had recently caused the paper to fold—Chen pitched an offer to one of the most vocal and public proponents of the hacktivist movement Anonymous: “[W]hat if Gawker made a substantial donation to the topiary fund in exchange for the emails[?]”

Chen was referring to a legal defense trust launched days earlier for Jake Davis, a U.K. teen accused by authorities of being behind the alias Topiary, a member of the Anonymous offshoot LulzSec.

“[T]hat would be cool,” replied Monsegur, known by Chen and others at the time by his alias, Sabu. “I think we’re at 5btc right now,” he told Chen, referring to an amount of Bitcoin at the time worth only $60.25.

Weeks earlier, unbeknownst to Chen, Monsegur had been arrested by the FBI and was now recording this chat—and thousands of others—as part of a cooperative deal reached with the U.S. government.

Two weeks before Chen made his offer, Anonymous, largely led and rallied by the FBI’s informant, succeeded in carrying out a pair of noteworthy hacks. The first, carried out on July 17, 2011, was the pilfering of emails from a server belonging to the FBI’s own cybersecurity contractor, ManTech, a breach that yielded confidential NATO documents released 12 days later on the Pirate Bay.

The second, on July 18, was a viral Rupert Murdoch death hoax, planted just hours before the publisher was to testify before British parliament with regards to NoW‘s phone-hacking allegations. Reviving its comically driven LulzSec brand, the group posted a crudely written and obviously false obituary to the website of Murdoch’s own tabloid, the Sun, reporting he’d been found lifeless by authorities, “slumped over on a particularly large garden hedge fashioned into a galloping horse.” 

Although the group uncovered login credentials belonging to NoW’s then-editor-in-chief, Rebekah Brooks, they hadn’t truly gained access to any of her emails. But that didn’t stop Monsegur from claiming to have found NATO-related documents in the group’s hack of the Sun—a plan he hatched to further embarrass the already-destroyed newspaper, its publisher, and the credibility of any journalist willing to write about it.

“[W]e fabricate intricate emails, and let media post them without investigation,” Monsegur proposed in #!sunnydays, the main chat room in which the LulzSec crew plotted its defacement of the Sun. Some of his hacker comrades disagreed with the notion of concocting phony emails. “Nah, fabricating them will just make us look bad,” one Anon proscribed “[I] dont fabricate things.” Others LOL’d  in agreement.

LulzSec then tweeted that it was “working with certain media outlets who have been granted exclusive access to some of the News of the World emails we have.” Quickly, the claim piqued interests of a number of journalists, many of whom entered into private chats with Monsegur.

“Some of the nato stuff you will see was plundered from the sun mail,” Monsegur told Adam Livingstone, a producer at BBC’s Newsnight, during the campaign. “So you must ask yourself, wtf are they doing with that stuff in the first place?”

Monsegur spent weeks searching for writers susceptible enough to take his bait. Chen, who had previously covered the hacktivist beat and had long been a target of Anonymous’s trolling, quickly became the no. 1 target of Monsegur’s misinformation campaign.

Sabu chat screenshot


Citing WikiLeaks’ embargo agreements with the New York Times, Chen at one point suggested a source-publisher partnership between LulzSec and Gawker:

Sabu Chen chat


Monsegur trolled Chen with the prospect of providing those nonexistent emails for two weeks. At times, he coldly ignored Chen’s inquiries. At one point, he asked for a personal sabu@gawker.com email address with which he’d deliver the stolen emails.

Chen told him, “I could get you sabu@gawkernet.com, we use gawkernet for file-hosting.” Three hours later, he’d revisit the subject of the email address, stressing, “You really could be the hackers who took down Murdoch. It’s crazy that your crew would pass that up.”

On Aug. 2, four days after Chen initially offered Monsegur money, Anonymous published a 400mb torrent including NATO documents it’d taken from ManTech’s servers. Gizmodo, Gawker’s sister site, published a story about the document dump, but according to chat logs, it appears Monsegur still had Chen under the impression more valuable information remained.

Chen told Monsegur he’d approved the deal with his bosses:

Sabu Chen chat 2

It’s not clear if Chen’s people were indeed “on board” at the time. Remy Stern, Gawker’s editor-in-chief during Chen’s pursuit of the emails, did not respond to requests for comment on this story. John Cook, who shared bylines with Chen in 2011 (and is sooner returning to Gawker after a months-long stint at The Intercept), said when asked if he oversaw any editorial approval to purchase the purportedly hacked emails, “I know nothing of this.” Cook reminded he was a reporter at the time, and only became the site’s editor in 2013. 

Gawker Media has a well-documented history of buying its scoops. In 2010, a leaked internal memo authored by Gawker’s owner, Nick Denton, addressed the outlet’s guidelines for paying bounties, stating that for every 1,000 new visitors warranted by a story, Gawker would pay $10. Two years later, the outlet spent $5,000 on gaining access to leaked Fox News content via an employee, Joe Muto, who later wrote an entire book about the career-ending exploit. Gizmodo at one point provoked Apple to take legal action under California’s Uniform Trade Secrets Act, after paying $5,000 for a stolen prototype of Apple’s iPhone 4 and leaking an early review about the unreleased product. More recently, Cook led a crowdfunding campaign to raise $200,000 to buy a video of Rob Ford, then the embattled mayor of Toronto, smoking crack. 

While agreeing to donate to an hacker’s benefit fund isn’t as alarming as, say, News of the World’s phone-hacking scandal, Chen’s efforts reveal the difficulty of working with and reporting on Anonymous, as well as the gray and often contradictory area in tabloid-driven journalism, where ethical boundaries are blurred for the sake of scoops and scandals. 

Gillmor quote

“Every source, every interview, is a transaction of some kind, whether there’s a direct payment or not,” Dan Gillmor, professor at the Walter Cronkite School of Journalism & Mass Communication at Arizona State said in a phone conversation. “Both parties are getting or think they’re getting some value out of the deal. 

“Journalists’ dealings with sources are messy. There’s some sausage-making going on there that’s not very attractive.”

Ironically, Coleman inadvertently addressed Chen’s situation in her book. “Anonymous’s exchanges with media figures and researchers are as contradictory and varied as the collective itself,” she wrote. “The primary goal, typically, was to gain publicity for their causes, such as the turmoil in Tunisia, but they also sought, whenever possible, to carefully manage their own image. On a few occasions, the goal was to troll particular journalists as well.”

Chen was Anonymous’s target on more than one occasion. In 2012, he donned a tutu while placing a sneaker on his head with the hope other Anons would grant him an interview about “12 million Apple device IDs, allegedly stolen from an FBI cybersecurity agent’s laptop.” 

“This is Anonymous’s real power,” Chen concluded in his 3,500-word review, “to run us through a maze so tantalizing and bewildering that we don’t realize how totally lost we are.” 

Chen and Gawker did not immediately respond to requests for comment. The FBI has declined to comment. Monsegur was unavailable for comment.

Editor’s note: This story was updated Nov. 18 to include a disclosure about its authors.

Illustration by J. Longo

Layer 8
How an FBI informant orchestrated the Stratfor hack
Previously unseen chat logs reveal that Hector “Sabu” Monsegur—not Jeremy Hammond—instigated the infamous cyberattack. 
From Our VICE Partners

Pure, uncut internet. Straight to your inbox.