According to the Department of Justice, fourteen suspects were involved in a DDoS attack against PayPal's website launched after the company blocked donations to WikiLeaks.
They are named as defendants in an indictment unsealed yesterday in the Northern District of California in San Jose.
Their names are: Christopher Wayne Cooper, 23, aka “Anthrophobic;” Joshua John Covelli, 26, aka “Absolem” and “Toxic;” Keith Wilson Downey, 26; Mercedes Renee Haefer, 20, aka “No” and “MMMM;” Donald Husband, 29, aka “Ananon;” Vincent Charles Kershaw, 27, aka “Trivette,” “Triv” and “Reaper;” Ethan Miles, 33; James C. Murphy, 36; Drew Alan Phillips, 26, aka “Drew010;” Jeffrey Puglisi, 28, aka “Jeffer,” “Jefferp” and “Ji;” Daniel Sullivan, 22; Tracy Ann Valenzuela, 42; and Christopher Quang Vo, 22.
One defendant's name has been withheld by the court, most likely because he is still a minor. The fourteen suspects were arrested in Alabama, Arizona, California, Colorado, the District of Columbia, Florida, Massachusetts, Nevada, New Mexico and Ohio.
The DDoS attack against PayPal was part of Anonymous' "Operation Avenge Assange" which targeted companies and even law enforcement agencies viewed by the group as enemies of WikiLeaks and its leader.
Two separate suspects were taken into custody by the FBI yesterday in connection with attacks attributed to LulzSec rather than Anonymous, although the two groups have always been tightly connected.
A 21-year-old student at the University of Central Florida named Scott Matthew Arciszewski was arrested for hacking into a website belonging to InfraGard, an organization sponsored by the FBI.
According to a complaint filed in Middle District of Florida, Arciszewski managed to upload a file called “aspydrv.asp;jpg” on the website. From this description, it seems he exploited a file name validation weakness in an upload script to install an .asp backdoor.
In addition, a 21-year-old man from Las Cruces, New Mexico, who worked as a customer support contractor for AT&T was arrested for accusations of stealing confidential information from the company and publishing it online.
Named Lance Moore, he was the alleged source for the AT&T data leaked by LulzSec in their final torrent before disbanding, although he is accused of publishing the information on Fileape.com back in April.
In addition to these arrests, 35 search warrants were executed by the FBI at residences throughout the United States as part of an ongoing investigation into cyber attacks against other companies and organizations.