The international hunt for the LulzSec computer hackers linked to cyber attacks on police and government websites in the UK and US has led to the arrest of an 18-year-old man in Shetland.
The Metropolitan police’s e-crime unit said the man used the online nickname Topiary, the alias of the group’s main spokesman.
This was the first arrest linked to LulzSec and the broader hacking collective Anonymous in which the police have immediately identified the online identity of the suspect arrested. Police also searched a house in Lincolnshire and interviewed a 17-year-old man under caution, though no arrest was made.
The arrest of Topiary is the third made in the UK in the search for members of the group, following that of Ryan Cleary, in Essex, in June, and the arrest and release in London last week of a 16-year-old known online as Tflow. The apparent ringleader of the group, known online as Sabu, remains at large.
LulzSec claims to have carried out attacks on a number of sites, including the Sun last week when it redirected readers to a fake story claiming Rupert Murdoch was dead, and others during May and June including attacks on the UK’s Serious Organised Crime Agency, an FBI-affiliated site, the US Congress, and Sony’s European network.
“Topiary” was on Wednesday being transported to London for interview. The main Twitter account connected to LulzSec, which has more than 340,000 followers and which Topiary is alleged to control, fell silent shortly before midday on Wednesday. Topiary’s own twitter feed, @atopiary, was wiped clear on Friday, save for one tweet reading: “You cannot arrest an idea.”
Police in the UK and US have been rounding up suspected members of LulzSec, and those who in January participated in attacks on the payments site PayPal as part of the Anonymous hacking collective. Last week the FBI made 16 arrests of alleged participants in the attacks, and it is believed to have a list of 1,000 computer addresses it is targeting.
On Wednesday members of Anonymous and LulzSec staged a peaceful protest against PayPal for its refusal to allow payments to WikiLeaks by closing their PayPal accounts.
The arrest in Shetland was carried out by the Met’s e-crime unit along with the Scottish Crime and Drug Enforcement Agency (SCDEA) and Lincolnshire police.
The unnamed 16-year-old man from south London was arrested and released without charge on bail last week. He is due to return for further questioning in August.
Cleary is to appear before a London court on 30 August charged with a number of attacks on websites. Cleary was charged with five offences under the Criminal Law and Computer Misuse Acts, including an alleged attack on Soca’s website.
Earlier this week the group claimed to have broken into websites belonging to Italy’s police cybercrime unit and Nato. Nato said it was investigating the claims. The group also claims to have a large number of emails collected from an attack on News International servers.
Rival hackers regularly attempt to expose members of Lulzsec’s inner team by publishing suspected details of their real identities, a process known as “doxing”. Several such efforts made to unmask Topiary in June suggested he may be located in the UK or Ireland, though someone apparently acting as Topiary denied these in chat channels.
Contacts within Anonymous suggest Topiary has not been seen online for several days.