TJX Hacker Albert Gonzalez Claims Government Made Him Do It

The New Acunetix V12 Engine


The latest news from the tinfoil hat wearing conspiracy camp is that Albert Gonzalez the TJX hacker who was convicted in 2009 was authorized to hack by the US Government.

Back in 2009 we posted about that too – TJX Hacker Albert “Segvec” Gonzalez Indicted By Federal Grand Jury.

And now he’s saying his actions were endorsed by the government and that he was paid $1200USD a month to get close to the underground hacker community.

Convicted hacker Albert Gonzalez, who is currently serving a 20-year prison sentence after pleading guilty to the massive hacks at TJX, Heartland and numerous retailers, now claims that he thought he was authorized and directed by the government to carry out the illegal activities.

In a petition filed last month, first reported by Wired , Gonzalez informed the U.S. District Court for the District of Massachusetts that he would like to withdraw his guilty plea and asked the court to vacate its sentence. In his 25-page petition, Gonzalez blamed his attorneys Martin Weinberg and Rene Palomino for not properly representing him or informing him about his defense options. Gonzalez also claimed that his lawyers did not appeal his sentence as he had asked them to.

Gonzalez was arrested in Miami in 2008 along with 10 other individuals on charges relating to the thefts at TJX, Dave & Busters, BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW. Later he was also charged with the break-ins at Heartland Payment Systems, Hannaford, 7-Eleven and two other unnamed retailers. Gonzalez was indicted in three different states, New York, Massachusetts and New Jersey for his crimes. Prosecutors alleged that Gonzalez and his international gang of cyber criminals stole data on more than 130 million debit and credit cards over a multi-year period.

I guess the fact he’s serving a 20 year sentence has really sunk in and he’s looking at ways to get out the jail time. It’s a feasible enough story I suppose, almost like the online version of a snitch. They get paid allowances too for sneaking around, watching what dodgy characters are up to and reporting back to their police buddies.

Plus if this guy does have some legitimate hacking skills and he used then to get close to carding rings and infiltrate chat rooms he could get some very useful information. It’d be a shame if his tale is true and he’s basically been stitched up by the US Government.


In Sept. 2009, Gonzalez, pleaded guilty to 20 counts of conspiracy, computer fraud, wire fraud, access device fraud and aggravated identity theft. He was sentenced to two concurrent 20 year terms by federal courts in Massachusetts and NJ.

In his petition, Gonzalez claims that all of the criminal activities that he admitted to in court were actually done with the full knowledge and the direction of the United States Secret Service.

As previously known, Gonzalez noted that he had begun working as a confidential informant for the Secret Service back in 2003 soon after he was busted in connection with a series of ATM thefts. Gonzalez claims that over the next several years, he helped the Secret Service infiltrate various carder gangs and hacking groups, leading to the arrests of many of them.

Gonzalez’ petition details his interactions with two of his Secret Service handlers, who he claims treated him almost like another member of the agency and took him to different parts of the country for undercover work.

“The Agents had me infiltrating chat rooms setting people up and then the Agents would bust them,” he offers as one example of the work he claims to have done for the government. “On one occasion I was taken to California for a week to help Agents there with undercover operation that resulted in arrests and convictions,” Gonzalez said in his petition.

The only thing that puzzles me is why did it take him two years to do this? I’m pretty sure if it were true he would have filed straight away.

Anyway we’ll have to wait a while I guess to see what the courts think of his filing. It is possible he could have been misrepresented by his attorney and got a really bum deal.

If that’s the case, good luck Albert!

Source: Network World

Posted in: Hacking News, Legal Issues

,


Latest Posts:


testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.
HTTrack - Website Downloader Copier & Site Ripper Download HTTrack – Website Downloader Copier & Site Ripper Download
HTTrack is a free and easy-to-use offline browser utility which acts as a website downloader and a site ripper for copying websites and downloading them for offline viewing.
sshLooter - Script To Steal SSH Passwords sshLooter – Script To Steal SSH Passwords
sshLooter is a Python script using a PAM module to steal SSH passwords by logging the password and notifying the admin of the script via Telegram when a user logs in.


Comments are closed.