News of several high-profile hacker arrests this week have quickly led to claims the FBI attempted to actively entrap other suspects.
Anonymous and LulzSec participant Hector Monsegur, better known in hacking circles as Sabu, is thought to have spent the better part of the past year serving as an FBI informant.
He often took to Twitter to rally his 50,000 followers to commit crimes and, as recently as last week, urged them to "infiltrate" Interpol after the police agency helped coordinate the arrests of 25 suspected Anonymous members.
At the same time, however, chat logs show the 28-year-old, who lived in a housing project on New York's Lower East Side, instigated others through more direct communication.
A hacker using the alias Havittaja this week linked to a Pastebin document that he claimed documents a January 24 chat exchange with Monsegur, in which the informant offers to provide stolen credentials to access a Brazilian government website.
"The question why he was giving me passwords if he was with the FBI?" Havittaja tweeted.
Hacking group Anonymous suggested the trove of five million Stratfor emails, leaked to Wikileaks and now progressively being published by media globally, may have been part of an FBI-sanctioned attack.
Others have suggested Monsegur may have induced people to perpetrate attacks that they may otherwise have been unable or unlikely to commit, a legal defense term known as entrapment.
"I think we're going to be hearing the word 'entrapment' a lot coming up," Gregg Housh, an internet activist and Anonymous observer who still participates in internet relay chat (IRC) discussions with members, said.
"A lot of the hacks happened under his supervision or at his behest. A lot of things might not have happened if he wasn't so vocal."
Legal quandary
But proving entrapment presents a complex legal challenge according to Pamela Johnston, a partner with Foley & Lardner and a former federal prosecutor in Los Angeles.
She said one must first show the government "had you do something", which may be true in the case of Monsegur.
The second burden of proof is more difficult, however. A defendant must show that they had never before engaged in this type of conduct, even before they interacted with an informant.
"Entrapment is a defense often discussed, but which rarely prevails," Johnston said, adding that accused individuals often have better luck arguing this defense before an appeals judge rather than a jury.
Still, juries don't typically appreciate cases in which informants go "rogue" and take their role too far.
"Deception is permitted," she said.
"A person in that circumstance is allowed to be dishonest and not truthful...[But] law enforcement is not really supposed to be turning people into criminals."
A spokeswoman for the US attorney's office in the Southern District of New York, where the criminal complaints were unsealed on Tuesday morning, declined to comment when contacted.
Victims at stake
Questions have also been raised as to whether Monsegur's FBI handlers permitted attacks to glean evidence used in charging others.
Housh said the devastating breach last last year of global affairs firm Stratfor could be a clear example.
According to the chat logs between Monsegur and Chicago resident Jeremy Hammond, who was charged with having a role in the Stratfor hack, Monsegur not only knew that Hammond was allegedly considering invading the company's network but also volunteered a server to store the stolen booty.
"The FBI pretty much left Stratfor out to dry," Housh said.
"They screwed over Stratfor knowingly. That pretty much blows my mind."
He added that the FBI may have done this in order to build a stronger case against WikiLeaks founder Julian Assange.
The FBI declined to comment.
A Stratfor spokesman could not immediately be reached for comment.
Johnston said protocols exist within the FBI so that incidents only are permitted to progress to a certain point. In some cases, she admitted, there is victim blowback.
"That's when things get tense," Johnston said.
"You're letting entities be victimised. It's not really desirable, although sometimes it happens."
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
