Hackers all have different intentions. Some work to make computer networks more secure, while others develop malware and exploit software vulnerabilities.
Of the latter group, there is a special subclass of criminals: those who make the FBI’s Cyber’s Most Wanted list. These individuals give a whole new meaning to black-hat hacking. The nature of their crimes is such that all U.S. law enforcement agencies have mobilized against them under a shared commitment to bring these bad actors to justice.
For the next few weeks, we will be counting down 10 of the most wanted black-hat hackers by the FBI. This week, we begin with number 10.
In May 2017, Iran-based black-hat hacker Behzad Mesri began conducting reconnaissance of the networks and employees at Home Box Office (HBO), a premium cable and satellite television network. He spent the next two months compromising employees’ accounts so that he could access corporate servers and exfiltrate sensitive data. Some of the information he stole included footage from upcoming episodes of popular HBO shows like “Curb Your Enthusiasm.”
Three weeks before OurMine hacked the network’s Facebook and Twitter accounts, Mesri sent an email to multiple HBO executives and employees claiming he had stolen 1.5 terabytes of HBO’s data. A follow-up email alleged that he had lifted full scripts and cast lists for “Game of Thrones” as well as “precious data” for unaired shows.
Mesri, who previously worked for the Iranian military, issued his ultimatum to HBO on 23 July 2017: pay $5.5 million in Bitcoin or suffer the public release of its stolen data. The member of the Turk Black Hat hacking group upped his demands to $6 million three days later.
After HBO refused to meet the ransom, Mesri publicly released some of the stolen data beginning on 30 July 2017 and throughout August. According to a statement published by the Department of Justice, he helped promote the data dumps by creating a Twitter profile that announced the leaks and by sending emails to the media about the disclosures.
It didn’t take long for law enforcement to catch wind of what Mesri was doing. Such interest begot an investigation that culminated in a grand jury indictment of the black-hat hacker on 8 November 2017. Filed in the United States District Court, Southern District of New York, those court documents charged Mesri with one count of wire fraud, a crime which carries a maximum sentence of 20 years in prison; one count of computer hacking, which carries a maximum sentence of five years in prison; three counts of attempting to undermine information’s confidentiality, each of which bears a maximum prison stay of five years; and one count each of aggravated identity theft and the interstate transmission of extortion-based threats, crimes which both carry a maximum sentence of two years in prison.
It was at that time that law enforcement filed a federal arrest warrant against Mesri.
There has been no news of Mesri since the U.S. District Court filed the indictment against him. In all likelihood, he’s holed up in his native country. Unfortunately, the lack of an American-Iranian extradition treaty means Mesri will likely never stand trial in the United States if he’s located and unmasked in Iran.
But it’s not impossible. For more information on Mesri and how you can help bring him to justice, check out the FBI’s poster on this computer criminal.
You can also read about other black-hat hackers wanted by the FBI here.