The hacker behind the major breach of HBO has been identified as 29-year-old Iranian national Behzad Mesri, according to an indictment released on Tuesday by the US attorney’s office in Manhattan. Mesri allegedly infiltrated HBO’s computer network by hacking employee accounts with remote access privileges.
“Mesri now stands charged with federal crimes, and although not arrested today, he will forever have to look over his shoulder until he is made to face justice,” acting Manhattan U.S. Attorney Joon H. Kim said in a statement.
“American ingenuity and creativity is to be cultivated and celebrated—not hacked, stolen, and held for ransom. For hackers who test our resolve in protecting our intellectual property—even those hiding behind keyboards in countries far away—eventually, winter will come.”
Between May and August 2017, Mesri, who lives in Iran, allegedly tried to extort the company out of $6 million in cryptocurrency, threatening to publicly release confidential cast and crew contact lists, unaired episodes and scripts of popular TV-shows including Game of Thrones, The Deuce and Curb Your Enthusiasm. Mesri started leaking information after HBO executives refused to give in to his demands in July.
Also known as “Skote Vahshat,” the man has been linked to cyberattacks performed in the name of the Iranian military through hacker group Turk Black Hat Security, US prosecutors say.
“At certain times, MESRI was a member of an Iran-based hacking group called the Turk Black Hat Security team,” reads the complaint. “As a member of that group, MESRI conducted hundreds of website defacements using the online hacker pseudonym ‘Skote Vahshat’ against websites in the United States and elsewhere around the world.”
He has been charged with wire fraud, computer hacking, three counts of threatening to release confidential information, aggravated identity theft and extortion, and is on the FBI’s most-wanted list. If he travels outside of Iran, he will be arrested and taken to the US for prosecutors, government officials said.
This is a Security Bloggers Network syndicated blog post authored by Luana Pascu. Read the original post at: HOTforSecurity