FBI arrests hacker who may have ties to Anonymous

A nearly two-year FBI investigation into a cyber attack against the Hidalgo County website in Texas has resulted in the arrest of a 27-year-old man, who also claimed to have ties to the hacktivist collective Anonymous.

Charged with accessing a protected computer without authorization and recklessly causing damage, Fidel Salinas Jr. was arrested last week and will remain in federal custody until an upcoming detention hearing. The charges against him can carry a prison sentence of one to five years.

The attack ultimately compromised sensitive human resources and emergency alert data, caused slowness and latency for users, and left administrators unable to access or manage the website for most of the day, according to an affidavit signed and filed on Sept. 11 (PDF).

Access to the website was the result of a SQL injection attack method known as brute force, which involves the relentless entering of words and variants to uncover login information. Hidalgo County IT officials speculated the cyber assault caused $10,620.32 in damages and loss.

The FBI cyber crime unit was alerted on Jan. 5, 2012 that an individual had made 14,000 attempts to hack into the Hidalgo County website, particularly the administration page, according to the affidavit.

The internet protocol (IP) address identified in a log obtained by the FBI showed that the hacking attempts originated from an address in Donna, Texas, which the FBI investigated on Jan. 11, 2012, after being issued a search warrant.

Authorities learned that Salinas was staying there with his girlfriend, whose mother owned the residence. Salinas told the FBI at the time that he had noticed a flaw in the Hidalgo County website and attempted to gain access with the intention of alerting network administrators.

The FBI recovered several computers and electronic devices from the Donna residence and made a number of discoveries on Salinas' computer, including a website vulnerability tool, a SQL injection tool, Google searches relating to hacker collective Anonymous, and an internet relay chat (IRC) containing logs pertaining to Operation AntiSec, an Anonymous-related hacking campaign.

In a May follow-up interview, Salinas admitted to investigators that he used SQL injection techniques to access the website. He also told the FBI that he had talked with members of Anonymous via online chats.
