Suspected LulzSec member arrested by FBI for Sony Pictures hack

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Sony PicturesA man suspected of hacking into computer systems belonging to Sony Pictures, and stealing the personal information and passwords of thousands of innocent internet users, has been arrested by the FBI.

20-year-old Raynaldo Rivera, of Tempe, Arizona, is said to have been involved in the Sony hack last year that exposed online the names, birth dates, addresses, emails, phone numbers and passwords of people who had entered Sony contests.

At the time LulzSec published what they called a “Pretentious Press Statement” about the hack which was said to have been done via an SQL injection attack against a vulnerable Sony website:

"SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks?"

Sign up to our free newsletter.
Security news, advice, and tips.

The security breach is said to have cost Sony over $600,000.

According to the FBI, Rivera was an accomplice of 24-year-old LulzSec member Cody Kretsinger, who pleaded guilty in April to charges connected to the Sony Pictures hack, reversing an earlier not guilty plea.

HideMyAss logoKretsinger used the HideMyAss.com proxy server website to disguise his IP address as he the Sony Pictures’ website was probed in May 2011, hunting for vulnerabilities.

HideMyAss.com’s terms and conditions stipulate that their service is not to be used for illegal activity, however, and they co-operated with the authorities when a court order was received requesting information.

Rivera, who is said to use the online handles “neuron,” “royal” and “wildicv”, is suspected of similarly using a anonymising proxy in an attempt to conceal his computer’s real IP address.

On Rivera’s Facebook page (which can be found at https://www.facebook.com/wildicv) he describes himself as “just your common computer geek”, and appears to have recently left a job at at the University of Advancing Technology in Tempe, Arizona.

Raynaldo Rivera's Facebook account

Others considering committing crimes on the net might be wise to stop believing that using an anonymising proxy service will necessarily keep them out of the clutches of the law.

Rivera faces up to 15 years in prison if convicted of the charges against him.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.