Authorities have arrested a Malaysia-based hacker who they accuse of stealing personal information of U.S. military members and giving it to ISIS.
Ardit Ferizi, a Kosovo citizen, was detained in Malaysia on a provisional U.S. arrest warrant alleging he provided material support to ISIS and committed computer hacking and identity theft, the U.S. Justice Department said.
According to a criminal complaint, Ferizi hacked into the computer system of a company in the United States and stole personally identifiable information of more than 1,000 U.S. service members and federal employees. Then, he allegedly gave that information to several ISIS figures, including a prominent propagandist for the group, the complaint says.
U.S. Assistant Attorney General John Carlin called the case against Ferizi — which combines cybercrime and terror charges as U.S. authorities aim to step up their crackdown on ISIS — “a first of its kind.”
“This arrest demonstrates our resolve to confront and disrupt ISIL’s efforts to target Americans, in whatever form and wherever they occur,” Carlin said in a statement.
Ties to prominent ISIS propagandist
The criminal complaint alleges there’s probable cause to believe Ferizi hacked into a server and stole names and personally identifiable information of more than 1,300 U.S. military and other government personnel — a list that was later posted online in August by a group calling itself the “Islamic State Hacking Division.”
“We are extracting confidential data,” a message from the group said, according to the complaint, “and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!”
The military members’ data, including home addresses and photos, was allegedly stolen by Ferizi and passed on to Junaid Hussein, a British hacker who was active on social media recruiting Westerners to join ISIS, authorities said.
The U.S. military announced in August that it had killed Hussein in an airstrike in Syria. He was a leading member of ISIS’ so-called CyberCaliphate, which has carried out mostly nuisance hacks on military and other government websites in the United States, France and other countries.
After the list’s publication in August, Pentagon officials said they were investigating.
“I take it seriously, because it is clear what they are trying to do,” Gen. Raymond Odierno, the U.S. Army chief of ctaff, said at the time.
Many of the phone numbers and email addresses on the list were not in service when tested by CNN in August. But one person on the list, reached by phone, confirmed he had previously served in the U.S. military. He asked not to be named, but said he had recently been notified by the Pentagon that his name and personal information were on the list. Another, reached by email, confirmed she was a government employee who had been warned by the military about being on the list.
Complaint: Suspect led Kosovo hacking group
According to the complaint, Ferizi is believed to be the leader of a hacking group known as Kosova Hacker’s Security.
Malaysian Police said the 20-year-old alleged hacker had entered the country in August 2014 to pursue computer science and computer forensics studies at a college in Kuala Lumpur.
Malaysian authorities had been monitoring him for a few months after receiving information from the FBI, said Sr. Assistant Commissioner Datuk Ayob Khan Mydin Pitchay, head of the counterterrorism division, Special Branch of the Royal Malaysian Police.
Ferizi was arrested September 15 in Kuala Lumpur, the assistant commissioner said. He is under remand under a provisional arrest warrant while U.S. authorities apply for his extradition.