SAN FRANCISCO – Jennifer Emick, who picketed Scientology with Anonymous, says it took her four hours to put a real name to the well-known hacker handle.
The trail to the New York apartment where a hacker named “Sabu” of LulzSec and Anonymous fame was arrested last June can be traced back to a former Anonymous participant who turned against the group over its WikiLeaks activities.
Sabu, whose name is Hector Xavier Monsegur, pleaded guilty to computer hacking charges in August and spent the last six months or so working as an informant for the FBI. The undercover operation led to hacking-related charges being filed against four alleged cohorts in the U.K., Ireland, and Chicago this week.
Sabu was the proverbial big fish who was admired among other hackers and hailed as an online freedom fighter. And unmasking him became a favorite hobby for rivals last year. But it was Jennifer Emick, after being harassed online for criticizing Anonymous’ hacking activities, who was the first to match a face and real name with the well-known hacker handle.
“It took me four hours to find Sabu,” Emick told CNET today.
It was February 2011 when she and her partners at Backtrace Security compiled a list of identities they believed were tied to the hacker handles associated with the HBGary Federal hack and others. Her break in discovering Sabu’s identity came from a friend in the group, in the form of log files from an Internet Relay Chat room in which Sabu and other LulzSec members discussed the HBGary Federal compromise, she said. One of the log files contained a domain that led to a subdomain hosting a mirror of a page where Monsegur had posted photos and video of his beloved Toyota AE86 on a car enthusiast social-networking site. That led to a YouTube video with information that allowed Emick to eventually find Monsegur’s Facebook page using a Google search.
Shortly after Backtrace Security posted the list of alleged hacker identities on the Web in March 2011, it got a call from the FBI asking it to remove the list and pass the information on to the feds, Emick said.
Backtrace Security has been following Sabu’s activities and communicating with the feds since then but was not involved in the investigation enough to know that Sabu had agreed to turn over his fellow hackers. But Emick said she suspected something was up when Sabu disappeared from IRC for more than a week in June and from Twitter for almost a month.
She speculated that the FBI maintained the undercover operation long enough for Sabu to re-establish trust after his disappearance and to allow them time to gather evidence that would be needed to prosecute his colleagues.
FBI officials did not return calls seeking comment for this story. The FBI was able to warn some of the hacking group’s targets and alerted 300 government and private entities globally to potential holes in their computer systems, Fox News reported. Agents even ordered Sabu to call hackers off a planned attack on the CIA’s public Web site, the report says. “You’re knocking over a bee’s nest,” he warned them. “Stop.”
This story was written by Elinor Mills of CNET News.Com