FBI arrests hacker who may have ties to Anonymous

Share this article:
A nearly two-year FBI investigation led to the arrest of the 27-year-old man.
A nearly two-year FBI investigation led to the arrest of the 27-year-old man.

A nearly two-year FBI investigation into a cyber attack against the Hidalgo County website in Texas has resulted in the arrest of a 27-year-old man. Additionally, he claimed to have ties to the hacktivist collective Anonymous.

Charged with accessing a protected computer without authorization and recklessly causing damage, Fidel Salinas Jr. was arrested last week and will remain in federal custody until an upcoming detention hearing. The charges against him can carry a prison sentence of one to five years.

The attack ultimately compromised sensitive human resources and emergency alert data, caused slowness and latency for users, and left administrators unable to access or manage the website for most of the day, according to an affidavit signed and filed on Sept. 11 (PDF).

Access to the website was the result of a SQL injection attack method known as brute force, which involves the relentless entering of words and variants to uncover login information. Hidalgo County IT officials speculated the cyber assault caused $10,620.32 in damages and loss.

The FBI cyber crime unit was alerted on Jan. 5, 2012 that an individual had made 14,000 attempts to hack into the Hidalgo County website, particularly the administration page, according to the affidavit.

The internet protocol (IP) address identified in a log obtained by the FBI showed that the hacking attempts originated from an address in Donna, Texas, which the FBI investigated on Jan. 11, 2012, after being issued a search warrant.

Authorities learned that Salinas was staying there with his girlfriend, whose mother owned the residence, and the alleged perpetrator told the FBI then that he noticed a flaw in the Hidalgo County website and attempted to gain access with the intention of alerting network administrators.

The FBI recovered several computers and electronic devices from the Donna residence and made a number of discoveries on Salinas' computer, including a website vulnerability tool, a SQL injection tool, Google searches relating to hacker collective Anonymous, and an internet relay chat (IRC) containing logs pertaining to Operation AntiSec, an Anonymous-related hacking campaign.

In a May follow-up interview, Salinas admitted to investigators that he used SQL injection techniques to access the website. As well, he told the FBI he talked with members of Anonymous via online chats.

Share this article:

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.