In the very early hours of June 8, 2011, Hector Monsegur sat in a small room filled with computer equipment at the Federal Bureau of Investigation’s downtown Manhattan office. The night before, a handful of agents had appeared at his door in the Lower East Side projects and arrested him for sending stolen credit-card information to a relative. But the agents were interrogating him for more serious crimes: They knew he was the notorious hacker Sabu, who had hacked multibillion-dollar corporations and governments around the world with the vigilante collective Anonymous and its offshoot LulzSec.
Had circumstances been different, Monsegur might have called an attorney; he certainly would have kept denying he was Sabu. But he had two cousins, a 5-year-old and a 7-year-old, whose mother was in prison for selling heroin and whose father was out of the picture. Monsegur was their legal guardian. More than anything, he was desperate to keep the girls. He was terrified of what would happen to them if they went into the foster-care system.
The agents sensed an opening and suggested a deal. Monsegur could return to the girls—if he started cooperating with the FBI in its investigation into the hacking underground.
Monsegur’s first instinct was to tell the FBI to get lost. “I felt like I was betraying myself, betraying the cause,” he recalls. Then he thought about the girls.
When the sun rose, the agents took him to the courthouse. Released on bail, Monsegur showered and, in the afternoon, picked up the girls. They cried, saying they thought he had left them. He cried, too.
He secretly worked for the government for the next nine months—coordinating online with hackers late into the night as if nothing had changed, but knowing he’d be reviewing those conversations each day with agents determined to track those hackers down. And then, on March 6, 2012, in a torrent of articles that cited unnamed law enforcement officials, the world found out about his betrayal. Court records detailing his cooperation were unsealed shortly after.
“March 5th, everyone loves Sabu, I was the best guy in the universe,” Monsegur remembers. “March 6th, I was Benedict Arnold. I was a traitor. I was ‘Sammy the Bull’ Gravano. I was the worst person to ever exist.”
Monsegur doesn’t like talking about his time working with the FBI. On one hand, his work with the FBI turned him into a widely reviled figure on the internet. On the other, cooperating let him keep the girls until their mother was released from prison. Monsegur was determined to remain a lodestar in their lives. The night he chose to turn on Anonymous launched a complicated path to redemption. It’s one he’s still trying to figure out.
After the government revealed his identity in March 2012, Monsegur tried to lay low. Reporters swarmed his apartment, the FBI relocated him and his young cousins were returned to their mother, who a couple of months earlier had been released from prison. But in May that year, agents discovered a blog he kept that made references to the FBI. His bail was revoked, and he was sent to the Metropolitan Correctional Center, known in some circles as the Guantanamo of New York.
Monsegur was intimidated to serve time alongside terrorists and kidnappers, but time in jail turned out to be beneficial; it forced him to think about everything he’d done and to figure out his priorities.
Right before Christmas, Monsegur was re-released on bail. His family came to pick him up, and they watched him scarf down a hot dog, down a soda and smoke a cigarette. He was excited to focus on doing right by the girls, which meant getting a job so he could support them.
But as he re-acclimated to life outside jail, Monsegur realized he was stuck in a fresh purgatory. He wasn’t permitted to touch a computer, which meant he couldn’t use the one skill he had to support himself or his family. As his sentencing hearing kept getting delayed, the uncertainty weighed on him further. His aunt, who helped raise him with his now-late grandmother (and requested that she not be named), recalls how he got headaches so debilitating that he couldn’t see. She sat with him in a dark room, placing cold rags on his forehead. She urged him to see a therapist. He didn’t.
Almost three years after his arrest, Monsegur finally stood before a U.S. district judge for his sentencing. It was an unusual hearing for even the seasoned court reporters there. Monsegur’s defense attorney, the prosecutor and the judge all took turns praising him for the “extraordinary” nature of his cooperation. Then he was sentenced to time served for his seven months in custody, which was even less than the two-year mandatory minimum for his crimes. He had been facing a maximum penalty of more than 120 years. The judge told him that she looked forward to him using his skills for good.
Monsegur walked free that day, but his computer use had to be monitored for an additional year. He drove tow trucks to make ends meet. The ban lifted in May 2015, but getting back online brought him no joy. Monsegur was paranoid that the feds were out to get him again and worried that he’d click on the wrong thing. But computers were the only thing he knew, so he tried to get a job in the very industry he once mocked: cybersecurity. His prospects were exceptionally dim. For most companies, his criminal record alone was instantly disqualifying. Then there was his reputation as a notorious hacker who turned on his friends. By some accounts, Monsegur was a lazy but brilliantparty boy from the projects. The rejections piled up.
In summer 2015, Benjamin Caudill, founder of a small cybersecurity company called Rhino Security Labs, found himself in the middle of a tech-media storm. Several weeks earlier, he had unveiled a tool that would let anyone get online without revealing their physical location. Then Caudill abruptly canceled the project for reasons he refused to divulge. As the internet speculated about what had happened, one person sympathized with his sudden notoriety, and one day Caudill received a Twitter direct message from a stranger. It was Monsegur.
A couple of years earlier, Caudill and Monsegur had been on opposite sides. At about the time Monsegur was infiltrating various federal contractors, Caudill was working for Boeing Co., which sells planes and weapons to the U.S. government. Caudill remembers discussing with his team what they would do if Anonymous attacked. And now, here was one of its former leaders, saying hi.
Caudill had read the stories about Monsegur and was suspicious. But he responded anyway. They struck up a conversation on Twitter, which led to a phone call that lasted several hours. As they nerded out over various cybersecurity issues, Caudill was stunned that Monsegur was nothing like the person he’d come to expect. “I wouldn’t have believed it myself had I not experienced it,” he says. “He’s actually a very, very gentle, very nice, kind person.”
As they became friends, Monsegur confided that he was having a tough time securing a job. Caudill took it upon himself to connect Monsegur with his contacts. Caudill says he reached out to 20 to 30 people, and not a single one was willing to have even an initial conversation.
So in the fall of 2015, Caudill decided to hire Monsegur himself. Rhino’s business was growing, and there was a repeat client with a particularly thorny job. Caudill got this company’s permission and asked Monsegur to join the project as a contractor. Monsegur, needless to say, was thrilled, and according to Caudill, “blew it away.” Caudill asked more clients for permission to put Monsegur to work on their projects. They were hesitant, and several declined. But some agreed. After a couple of additional projects, Caudill hired Monsegur as a full-time employee.
Today, Monsegur is the director of assessment services at Rhino, which deploys white hat hackers (the good guys) to test a client’s network before the black hats (the bad guys) get in and wreak havoc. Monsegur manages a team of five. His job is remarkably similar to what he once did as an illegal hacker—except this time, his team doesn’t exploit its findings for a highly publicized attack. It submits a report to the client.
Monsegur doesn’t miss his old vocation. “I’m bored of hacking,” he says. “I look at security research as a job and I try to make it as monotone as possible. I want to maximize results for my clients and be able to finish up my shift and enjoy something else, like Netflix. ‘Stranger Things 2’ was great, by the way.”
Monsegur, now 34, attributes this new attitude to growing older and maturing. His aunt seems more saddened by the change. “He’s exhausted from being on the computer,” she says. “He’s not in love with it anymore. He doesn’t have that same love like when I gave him his first computer.”
His advice to kids today: Put your phone down, close your laptop and enjoy a walk outside. And also to never do what he did.
He especially regrets joining Anonymous. “They give you attention and they retweet you and they re-Facebook you and they re-status you,” he says. “Until they don’t like you no more. And then you have 10,000 death threats in your inbox.”
He even has second thoughts about some of Anonymous’s most popular hacks, including supporting the Arab Spring protesters in early 2011 by defacing the websites of various authoritarian governments. At the time, Monsegur thought he could help topple those regimes. Now he watches the continued turmoil in Tunisia and wonders if the people there are really any better off. “It was not my position to involve myself in the first place,” he says. He also feels genuine shame for some of the other hacks he did, especially the ones that leaked people’s personal information. Identity thieves could still be exploiting that data, he says.
To this day, Monsegur’s aunt still worries about her family’s safety. The government “got what they wanted. They got what they needed. And they left us here to survive again.”
Monsegur says the government exaggerated the extent of his cooperation to bring down his fellow hackers. He thinks he was a casualty of its war on the then-emerging threat of hacktivism. In his sentencing hearing, making the point that he had already suffered enough, Monsegur’s defense lawyer remarked on prosecutors’ unusually early decision to reveal his identity as a cooperator. They were pursuing a “deterrent effect,” she said. Monsegur dispenses with the legalese: “Their goal was to scare the shit out of Anonymous and it worked. It worked flawlessly.” The media, he says, ate it all up, slandered him and broke his heart.
Still, he catches himself occasionally and tries to stop himself from going down that rabbit hole again. He knows his life could have turned out very different, and he’s grateful to have a second chance. “I accepted it,” he says repeatedly—as if to will himself into accepting it once and for all.
Monsegur’s cousins are now 12 and 14—old enough to know what he did and why it was wrong. They’re both honor roll students, and their mother says they’re thriving.
Monsegur says he wishes he could block the girls from going online, laughing as he says this. He knows they’d hate him if he tried. He just thinks there are too many people out there with nefarious motives who could hurt them.
Still, he can’t help but smile as he mentions that the younger of the two has expressed an interest in programming. Next on his list: finding her a coding program.