Warning! Conspiracy Theory Incoming Just to show I do have some rudimentary ability to find and check some facts should I choose to, this piece may actually have some credibility to it. I will point out sources, name them, and give them a shot at refuting my assumptions, and if there are any I will append them to the bottom of the post. Recently a fist full of individuals (th3j35t3r, gr4ssh0pp3r, Miss Mary, Web Ninjas, and Indiana Jones) claim to have finally outed Sabu. I have some fundamental issues with this information. And even j35t3r notes in his blog that it is entirely possible that its not really him. From Jesters Blog So only 2 scenarios exist: 1). Either @anonymouSabu is Hugo Carvalho and is desperately trying to mis-direct and deny. 2). @anonymouSabu used Hugo Carvalho’s ID as another scapegoat hoping he would get doxed to hell and back. I personally subscribe to theory #2 and I will tell you why. Hacker and SE 101: These individuals generate burner id’s, adversaries, and alters, track who is who, and go to extreme lengths to populate these generated id’s with other twitters, facebooks, paypals, and domain holders. This is all an orchestrated campaign of misinformation and propoganda meant to lead people down the rabbit hole. It has recently been suggested that @anonymouSabu actually created @TeaMp0isoN_ as an adversary and played both sides of the fence, made some huge claims to be super 1337 and proceeded to wage war with @Lulzsec, Anonymous, and @anonymouSabu specifically. Now. Either this was all a sad little attempt at attention seeking by the pastebin poster (found here), A garden variety pastebin fraud, or a brilliant propoganda move on the part of @Lulz and co to misdirect, deflect, and promote their cause. The Response: Now, there are three basic rules of thought on how to respond to d0x1ng as well. The first and most popular is simply Deny Deny Deny broadcast to the world what a skid this person is and lots of rofling. The second is to acknowledge the false d0x1ng, and let the trolls exclaim from the mountain tops that they have achieved the unpossible thus diverting all attention away from yourself and to whomever this poor bastard is. Thirdly, and by far the most brazen, is to drop your own dox and challenge the world to ‘come at me /b/ro’ The Proof Now…lets assume for a moment that Sabu is a mouth breathing window licker and he actually HAS all of his personal information out there someplace. Its possible. Question is, how much and where. Since this latest d0xing, I have followed links to a hi5 account, domain registrar information, a litany of registrar name changes after supposed d0x1ng attempts, a myspace account (my personal favorite), a facebook and a LinkedIn account naming himself as a CEO of HostSquadron. I would like to believe that these people don’t go through as much trouble as possible to stay off the radar and then have everything but their dna profile laid out there on every social media site known to man. th3j35t3r has also quoted one of Sabu’s tweets stating: @anonymousabu: If its not already obvious already: my!=hector/xavier/rafael lima/monsegur/de leon/kaotico/negron.Disinfos my game – enjoy the ridemates.” Turns out all of these monikers are actually real people. And all appear to be registrants at one time or another on a domain that is believed to belong to Sabu. What exactly does this prove? Your assuming that the original purchase/transfer was done in the name given to him/her at birth. Just because you found the first person after the initial transfer still doesn’t prove that the person listed is the actual person. That person could in all likelihood, be the end result of a carefully orchestrated dead end. Supposition Next, lets look at his actual responses. First of all, he ack’d WAY too fast ! I scoured his responses and all I could manage to find that was on point were: @DustLavaRockSan @deadmanflying @KungFuCage OK You found me. I am Hugo. I am in Portugal. Next question is: Can you stop me? ;) @RichRoma I am honest. No need to hide who I am. Now come and get me. I have more surprises up my sleeve, putahna;) Now there could have been others that have been deleted, but even the clown doesn’t show anything. Being that Sabu is a self admitted practitioner of the disinfo’ can anything be taken at face value? The CNET reporter claims in her recent post to have gotten a response from an email sent to the only known email associated with the HostSquadron site that follows: “I’m Hugo Carvalho, and the story behind me and this nick guy Sabu is a complete lie. Someone stole my photo from one of my Web sites and started to spread the rumor that I was affiliated with this hacking group,” “Feel free to post this e-mail in your Web site and state that there is no relation between me and anyone related to that hacking stuff.” Couple things strike me as a little odd here: 1. He allegedly states “this nick guy Sabu” I don’t know what information was given to this individual, but there was never a mention of previous name of Nick used. Another insertion of a name, OR, a confused individual. 2. A CEO of a hosting site really use terms like “hacking stuff” Conclusion: As much as that whole time line plays out nicely, is possible, and appears on its face to be an exhaustive bio of one of the most talked about people these days. It is also just as credible to suggest that jester, teampoison, lulzsec, topiary, and the rest of the cast are all conjured alts of Sabu created for the sole purpose of misinformation, confusion, and entertainment. I think what we have here ladies and gentlemen, is a supreme psychological mindfuck and trollfest unlike any I have seen before. But hey, I tend to be that grassy knoll kinda guy. TFI – Newsdesk Sources: CNET News Th3j35t3r’s Blog Twitter Pastebin My own diseased mind. *TFI was recently referenced in an article by a reporter from cnet.com, in reference to the d0xing that I did of Sabu, I appreciate the nod and the subsequent traffic that came from it. There was ZERO attempt to make this look like anything other than what it was, a ridiculous mocking of the countless people making sad attempts to actually d0x the members of Lulzsec, I assumed it was clear. I mean c’mon the line “Much like Jesus, his formative years appear to be undocumented” should have been immediately distinguishable, But in case the meta tagging and website name and content within isn’t clear, yes, 99.9% of what you find here is going to be op-ed, lunatic ramblings of the site owner with information that is either unconfirmed, un checked, or completely false. If you happen to be the subject of one of these pieces, please, by all means, let me know what you think at [email protected]