TJX Hacker Albert Gonzalez Claims Government Made Him Do It


The latest news from the tinfoil hat wearing conspiracy camp is that Albert Gonzalez the TJX hacker who was convicted in 2009 was authorized to hack by the US Government.

Back in 2009 we posted about that too – TJX Hacker Albert “Segvec” Gonzalez Indicted By Federal Grand Jury.

And now he’s saying his actions were endorsed by the government and that he was paid $1200USD a month to get close to the underground hacker community.

Convicted hacker Albert Gonzalez, who is currently serving a 20-year prison sentence after pleading guilty to the massive hacks at TJX, Heartland and numerous retailers, now claims that he thought he was authorized and directed by the government to carry out the illegal activities.

In a petition filed last month, first reported by Wired , Gonzalez informed the U.S. District Court for the District of Massachusetts that he would like to withdraw his guilty plea and asked the court to vacate its sentence. In his 25-page petition, Gonzalez blamed his attorneys Martin Weinberg and Rene Palomino for not properly representing him or informing him about his defense options. Gonzalez also claimed that his lawyers did not appeal his sentence as he had asked them to.

Gonzalez was arrested in Miami in 2008 along with 10 other individuals on charges relating to the thefts at TJX, Dave & Busters, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW. Later he was also charged with the break-ins at Heartland Payment Systems, Hannaford, 7-Eleven and two other unnamed retailers. Gonzalez was indicted in three different states, New York, Massachusetts and New Jersey for his crimes. Prosecutors alleged that Gonzalez and his international gang of cyber criminals stole data on more than 130 million debit and credit cards over a multi-year period.

I guess the fact he’s serving a 20 year sentence has really sunk in and he’s looking at ways to get out the jail time. It’s a feasible enough story I suppose, almost like the online version of a snitch. They get paid allowances too for sneaking around, watching what dodgy characters are up to and reporting back to their police buddies.

Plus if this guy does have some legitimate hacking skills and he used then to get close to carding rings and infiltrate chat rooms he could get some very useful information. It’d be a shame if his tale is true and he’s basically been stitched up by the US Government.


In Sept. 2009, Gonzalez, pleaded guilty to 20 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft. He was sentenced to two concurrent 20 year terms by federal courts in Massachusetts and NJ.

In his petition, Gonzalez claims that all of the criminal activities that he admitted to in court were actually done with the full knowledge and the direction of the United States Secret Service.

As previously known, Gonzalez noted that he had begun working as a confidential informant for the Secret Service back in 2003 soon after he was busted in connection with a series of ATM thefts. Gonzalez claims that over the next several years, he helped the Secret Service infiltrate various carder gangs and hacking groups, leading to the arrests of many of them.

Gonzalez’ petition details his interactions with two of his Secret Service handlers, who he claims treated him almost like another member of the agency and took him to different parts of the country for undercover work.

“The Agents had me infiltrating chat rooms setting people up and then the Agents would bust them,” he offers as one example of the work he claims to have done for the government. “On one occasion I was taken to California for a week to help Agents there with undercover operation that resulted in arrests and convictions,” Gonzalez said in his petition.

The only thing that puzzles me is why did it take him two years to do this? I’m pretty sure if it were true he would have filed straight away.

Anyway we’ll have to wait a while I guess to see what the courts think of his filing. It is possible he could have been misrepresented by his attorney and got a really bum deal.

If that’s the case, good luck Albert!

Source: Network World

Posted in: Hacking News, Legal Issues

,


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


Comments are closed.