A 20-year-old hacker from Kosovo, Ardit Ferizi, is facing charges that he gave the Islamic State a trove of personal data on U.S. government employees and military members, useful for planning terrorist attacks against them.
The stolen data is similar in nature to the immense trove stolen by hackers from the U.S. Office of Personnel Management, including names, email addresses, passwords, and city and state of residence for the targeted individuals, but on a much smaller scale. This hack affected 1,351 victims, as opposed to the 21.5 million affected by the OPM hack, according to the Washington Post.
The charging document also accuses Ferizi of transferring credit card information to Islamic State supporters, supporting allegations that he provided material support to ISIS. The credit card info went to an ISIS-linked Twitter account called “@Muslim_Sniper_D,” which was also in contact with one of the jihadis who was killed while trying to attack the Mohammed Art Exhibit in Garland, Texas.
The Post report notes there is no reported harm to the victims of Ferizi’s cyber-theft, but ISIS was very interested in using the data for both propaganda threats and future attacks. An ISIS online propaganda broadcast incorporated the stolen data, claiming “U.S. Military AND Government HACKED by the Islamic State Hacking Division,” which included a threat that “soldiers of the caliphate” would “soon, with the permission of Allah, strike at your necks in your own lands.”
Junaid Hussain (aka Abu Hussain al-Britani, due to his British origins), the ISIS hacker Ferizi is accused of conspiring with, was reportedly killed by a U.S. airstrike in Syria last August.
Ardit Ferizi is believed to be the leader of a hacker group called KHS (Kosova Hacker’s Security), working online under the alias “Th3Di3ctorY.” He was living in Malaysia when he was arrested in September. The FBI charging document credits the KHS with hacking some 90 percent of Serbian government websites, along with Interpol in 2012, and Microsoft’s Hotmail email servers in 2011.
The computer Ferizi raided was physically located in Arizona, but the case was filed in federal district court in Alexandria because many of the victims lived in the Eastern District of Virginia. Included among the evidence against Ferizi are messages from “an Albanian hacker” left for administrators of the computer company in Arizona, threatening them with reprisals if they attempted to interfere with his “hacking job” against one of their clients.
The hacker even tried to extort a bribe in Bitcoin from the hosting company to leave their system alone. The FBI traced these messages back to Malaysia and linked them to Ferizi, identifying his computer from activity on his Facebook page.
Ferizi was extradited from Malaysia to Virginia last week, making his first court appearance on Thursday. If convicted of the charges against him, he could face up to 35 years in prison.