The Justice Department has charged a hacker in Malaysia with stealing the personal data of U.S. service members and passing it to the Islamic State terrorist group, which urged supporters online to attack them.
The charges, announced Thursday, are the first against a suspect for terrorism and hacking, and they represent a troubling convergence of terrorism with the techniques used in cyberattacks, U.S. officials said.
Ardit Ferizi, a citizen of Kosovo, was detained in Malaysia on a U.S. provisional arrest warrant, officials said. He was arrested a month ago, according to Malaysian news media.
Ferizi is accused of passing the data to Islamic State member Junaid Hussain, a British citizen who in August posted links on Twitter to the names, e-mail addresses, passwords, locations and phone numbers of 1,351 U.S. military and other government personnel. He included a warning that Islamic State “soldiers . . . will strike at your necks in your own lands!”
Later that month, Hussain, who went by the nom de guerre Abu Hussain al-Britani, was killed in a drone strike in Syria.
“Ardit Ferizi is a terrorist hacker who provided material support” to the Islamic State by stealing the names, e-mail addresses, passwords and other data of service members and federal employees and handing the information to the terrorist group, Assistant Attorney General John Carlin said.
“This case is a first of its kind and, with these charges, we seek to hold Ferizi accountable for his theft of this information and his role in ISIL’s targeting of U.S. government employees,” Carlin said. The Islamic State is also known as ISIL and ISIS.
According to the complaint filed in the Eastern District of Virginia, Ferizi in June hacked into a server used by a U.S. online retail company. The company’s name was not released. He obtained data on about 100,000 people. Later in the summer, he sent the details of about 1,351 military and other government personnel to the Islamic State, “knowing that ISIL would use the [data] against the U.S. personnel, including to target the U.S. personnel for attacks and violence,” said the complaint, drawn up by FBI Special Agent Kevin M. Gallagher.
In August, Hussain posted the data with an accompanying tweet: “NEW: U.S. Military AND Government HACKED by the Islamic State Hacking Division!” Gallagher said in the complaint.
Hussain and Ferizi had made contact about April this year, Gallagher said. Hussain was considered a high-value target and was suspected of helping the Islamic State take over the social-media accounts of the U.S. military’s Central Command this year.
He also was in contact with one of two gunmen who opened fire at a contest in Garland, Tex., featuring caricatures of the prophet Muhammad, according to the complaint.
Ferizi, whose Twitter account was @Th3Dir3ctorY, is the leader of a group of ethnic Albanian hackers from Kosovo who call themselves Kosova Hacker’s Security (KHS), according to Gallagher. He cited an interview by the InfoSec Institute, a training organization for technology professionals that also conducts interviews with hacker groups.
According to the interview, KHS had claimed responsibility for hacking more than 20,000 Web sites, most of them belonging to the Serbian government. The hacker of the online retailer in August had created a user account with the initials KHS, the complaint said.
After a security official at the retailer deleted some of the hacker’s files from the company’s server, the company received a threatening message from someone calling himself “Albanian Hacker.” When the FBI reviewed the company’s server, agents tracked the intrusion to a computer with an Internet address in Malaysia, Gallagher said.
Malaysian police, in a statement late Thursday, said that Ferizi would be extradited to the United States. It is unclear how long that would take.
Matt Zapotosky contributed to this report.
For a video, go to wapo.st/isishacker.