Cyber Defense

Hacker suspected of giving US info to ISIS is arrested in Malaysia

Officials in Malaysia have arrested a Kosovar hacker accused of stealing personal information on U.S. military service members and federal employees, and passing that information to the terrorist group ISIS. The United States is seeking extradition of the alleged hacker, Ardit Ferizi, the Justice Department said.

In a criminal complaint unsealed Oct. 15, Ferizi, 20, is accused of hacking into the computer system of an unidentified U.S. company, and taking information on about 1,351 service members and feds. Between June and August this year, he allegedly passed that information to several ISIS members, including Junaid Hussain, aka Abu Hussain al-Britani, a British citizen and ISIS recruiter.

On Aug. 11, Hussain tweeted, “NEW: U.S. Military AND Government HACKED by the Islamic State Hacking Division!” The tweet contained a link to a 30-page document, which stated, “we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!”

The document also included the names and personal information of the military and other federal personnel, allegedly to encourage ISIS sympathizers in the United States and elsewhere carry out attacks on those people.

Later in August, the Pentagon said that Hussain was killed by a U.S. drone strike in Syria.

ISIS, known mostly for brutal battlefield attacks, beheadings and other terrorist acts across swaths of Iraq and Syria, has been building up its presence on social media and the Internet in general, and has attracted a following of “lone wolf” hackers willing to carry out cyberattacks on its behalf.

Ferizi, a citizen of Kosovo, who used the hacker name “Th3Dir3ctorY” is believed to be the leader of a hacking group called Kosova Hacker’s Security (KHS). He faces up to 35 years in prison if he is convicted.

“This case is a first of its kind and, with these charges, we seek to hold Ferizi accountable for his theft of this information and his role in ISIL’s targeting of U.S. government employees,” said Assistant Attorney General for National Security John Carlin. (ISIS, or the Islamic State of Iraq and Syria, is also known as ISIL, or the Islamic State of Iraq and the Levant).

Ferizi, who reportedly came to Malaysia in 2014 as a student, was arrested Sept. 15 in Kuala Lumpur. The United States is looking to extradite him to the U.S. Attorney’s Office of the Eastern District of Virginia for stand trial.

About the Author

Kevin McCaney is a former editor of Defense Systems and GCN.

Defense Systems Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.