Sabu also supplied lists of targets that were vulnerable to "zero day
exploits" used to break into systems, including a powerful remote root
vulnerability effecting the popular Plesk software. At his request,
these websites were broken into, their emails and databases were
uploaded to Sabu's FBI server, and the password information and the
location of root backdoors were supplied. These intrusions took place
in January/February of 2012 and affected over 2000 domains, including
numerous foreign government websites in Brazil, Turkey, Syria, Puerto
Rico, Colombia, Nigeria, Iran, Slovenia, Greece, Pakistan, and others.
A few of the compromised websites that I recollect include the
official website of the Governor of Puerto Rico, the Internal Affairs
Division of the Military Police of Brazil, the Official Website of the
Crown Prince of Kuwait, the Tax Department of Turkey, the Iranian
Academic Center for Education and Cultural Research, the Polish
Embassy in the UK, and the Ministry of Electricity of Iraq.
Sabu also infiltrated a group of hackers that had access to hundreds
of Syrian systems including government institutions, banks, and ISPs.
He logged several relevant IRC channels persistently asking for live
access to mail systems and bank transfer details. The FBI took
advantage of hackers who wanted to help support the Syrian people
against the Assad regime, who instead unwittingly provided the U.S.
government access to Syrian systems, undoubtedly supplying useful
intelligence to the military and their buildup for war.
All of this happened under the control and supervision of the FBI and
can be easily confirmed by chat logs the government provided to us
pursuant to the government's discovery obligations in the case against
me. However, the full extent of the FBI's abuses remains hidden.
Because I pled guilty, I do not have access to many documents that
might have been provided to me in advance of trial, such as Sabu's
communications with the FBI. In addition, the majority of the
documents provided to me are under a "protective order" which
insulates this material from public scrutiny. As government
transparency is an issue at the heart of my case, I ask that this
evidence be made public. I believe the documents will show that the
government's actions go way beyond catching hackers and stopping