Ryan Cleary, 20, and Jake Davis, 19, pleaded guilty to plotting to bring down high-profile websites and hack into the computers of government agencies, media companies and IT security firms.
The pair schemed with other hackers from the groups Anonymous, LulzSec and Internet Feds to use a remotely-controlled network of zombie computers known as a "botnet" to carry out so-called distributed denial of service (DDoS) attacks, where sites are flooded with traffic to make them crash.
They launched DDoS assaults on the UK's Serious Organised Crime Agency, the CIA, News International, Sony, US computer game firm Bethesda, web-based game Eve Online and the fundamentalist Westboro Baptist Church in Kansas in the United States.
Cleary, of Wickford, Essex, and Davis, of Lerwick in the Shetland Islands, also hacked into computers operated by the NHS, News International, Sony, Nintendo, film studio 20th Century Fox, American public broadcaster PBS, the Arizona state police and US computer security organisations HBGary, Black & Berg and Infraguard.
Having gained access to the systems, they made unauthorised changes including adjusting security settings and re-directing visitors to websites hosted by hackers.
The pair pleaded guilty at London's Southwark Crown Court to two charges of conspiring to do an unauthorised act to impair the operation of computers between February 1 and September 2 last year.
Two alleged co-conspirators, Ryan Ackroyd, 25, of Mexborough, Doncaster, and a 17-year-old boy, who cannot be named for legal reasons, appeared in the dock alongside them yesterday (Mon) to deny the offences.
All four denied two charges of encouraging or assisting an offence by posting unlawfully obtained confidential computer data to public websites including LulzSec.com, Pirate Bay, and PasteBin that could be used in fraud and used in offences under the Computer Misuse Act.
Cleary, who has Asperger's syndrome, pleaded guilty to another four charges he faced alone.
He admitted carrying out an unauthorised act to impair the operation of a computer between January 1 2009 and June 21 2011 by constructing a botnet capable of launching DDoS attacks and supplying articles for use in an offence.
He also admitted doing an unauthorised act or acts with intent to impair computers by directing DDoS attacks on web hosting firm DreamHost on April 30 and by installing or altering files on Pentagon computers controlled by the US Air Force Agency between May 1 and June 22 last year.
Earlier this month Cleary's solicitor, Karen Todner, confirmed he was subject to an indictment in California but said he was not expected to be extradited to the US.
LulzSec, whose name is a combination of the internet slang "lulz" meaning "laughs" and an abbreviation of the word "security", is a spin-off of Anonymous, a loosely organised hacking collective.
All four apart from Cleary were released on bail. They will face trial on the remaining charges in April next year.
