The self-proclaimed leader of loose-knit hacking collective LulzSec, Matthew Flannery, is facing charges of illegally accessing the website of Narrabri Shire Council on three separate occasions.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
Mr Flannery appeared before Sydney Central Local Court on Wednesday morning to face charges he accessed council systems on three separate occasions on April 9 and April 11. He was apprehended by Australian Federal Police on April 23 after a two-week investigation and later given bail.
Narrabri is 520 kilometres north-west of Sydney.
Police had previously refused to detail which government website Mr Flannery was accused of accessing, apart from noting it was not related to the federal government.
They also refused to confirm his identity as Mr Flannery, only to denote him by his online nickname ‘Aush0k’.
The Australian Financial Review has confirmed Mr Flannery worked for Content Security, which resells software from US-based Tenable Network Security
“This individual was operating from a position of trust who had access to sensitive information from clients including government agencies,” AFP manager of cybercrime operations, Glenn McEwen, said in announcing Mr Flannery’s arrest in late April.
However, a spokesman for Content Security confirmed Narrabri Shire Council was not a client of the company’s, and said Mr Flannery’s actions had no effect on any of its clients.
Police said his arrest prevented Mr Flannery from doing any serious harm to the council’s systems.
According to police, Mr Flannery had claimed in online forums and in interviews with police that he was leader of LulzSec, which since 2011 has taken credit for high-profile attacks against government websites in the United States, Britain and Mexico, as well as against major corporations such as Sony.
The AFP alleged Mr Flannery “did cause unauthorised modification of data held in a computer, to wit, a website belonging to Narrabri Shire Council, knowing the modification was unauthorised and being reckless as to whether the modification impairs it will impair access to that or any other data held in any computer or the reliability, security or operation, of any such data the modification occurring under the following circumstances on Tuesday, April 9, 2013 uploaded a file that modified the security of the server”.
Similar charges were laid for two subsequent attempts to access the website on April 11.
“Essentially he took advantage of a commonly known exploit, put a backdoor in the thing, and then used it to gain access to the website and post other things on the website,” AFP cybercrime operations superintendent Brad Marden said in late April.
“At the moment we are still looking at the website to determine what he had access to, but at the moment there is no indication he had access to personal or private information on that website.”
He is scheduled to appear before Woy Woy Local Court on August 6.
Mr Flannery refused to comment on exiting the court on Wednesday.