
The FBI and the US Department of Justice (DOJ) will announce official charges later today against Behzad Mesri, an Iranian national, for allegedly hacking HBO, attempting to extort the company into paying a ransom, and leaking then-unreleased episodes and scripts for HBO TV series, including Game of Thrones.
According to an official indictment, Mesri was known online under the pseudonym of "Skote Vahshat," a member of the Turk Black Hat Security hacking group.
US officials say that before hacking HBO, Mesri had defaced hundreds of websites all over the world. A Packet Storm account under the name Skote Vahshat lists a vast collection of SQL injection scripts.
Hacker wanted a $6 million ransom
Mesri began his HBO hacking campaign in May this year when he "conducted online reconnaissance of HBO's computer networks and employees."
The hacker was successful and gained access to HBO's internal network from where he stole internal documents and unreleased TV episodes.
Starting July 23, during HBO's planned airing of season 7 of Game of Thrones, the hacker began his extortion campaign by emailing HBO execs and asking for a ransom of $6 million, paid in Bitcoin.
Hacker ran media campaign to promote his hack
When HBO refused, the hacker turned to the press and ran a well-organized media campaign called "HBO is Falling" to publicize the hack and release some of the stolen data.
The hacker went as far as to create a dedicated website where he released some of the stolen files, and aggressively contacted reporters to promote the leaked data. All in all, the hacker, who went by the name of Mr. Smith, claimed he stole over 1.5 TB of data from HBO's servers.
HBO refused to pay the $6 million ransom but tried to bargain with the hacker to pay $250,000 in the form of a bug bounty program reward.
Mesri declined the offer and, in multiple phases, released scripts for Game of Thrones episodes [1, 2], as well as unaired episodes from TV shows such as Ballers, Barry, Room 104, Curb Your Enthusiasm, Insecure, The Deuce, Vice Principals, Felipe Esparza, and Latino Shorts.
Authorities say that prior to embarking on his personal hacking campaigns, Mesri also worked for the Iranian military, where he attacked military and nuclear software systems, and Israeli infrastructure. Mesri is still at large, in Iran.
HBO's Game of Thrones also plagued by leaks
Two Game of Thrones episodes were leaked online over the summer: episode 4 and episode 6. Episode 4 was leaked online by employees of Star India, one of HBO's partners in India. Indian police arrested four suspects in this case.
Episode 6 leaked online after HBO España and HBO Nordic accidentally published the episode to their local HBO On-Demand platforms.
Comments
Occasional - 5 years ago
The article doesn't say where he was arrested, or anything about how. They'll probably keep the latter to themselves, as long as they can. Still, it would be interesting to learn where he was, and from where he operated while doing the hack and the extortion.
campuscodi - 5 years ago
You can charge someone without arresting him beforehand. The FBI didn't say where he was, but seeing that he was involved with Iranian military, my bet is that he's still at home, in Iran, where the US can't reach him.
Occasional - 5 years ago
"Authorities say that prior to embarking on his personal hacking campaigns, Mesri also worked for the Iranian military, where he attacked military and nuclear software systems, and Israeli infrastructure. Mesri is still at large, in Iran." - somehow I missed this whole paragraph.
Still, interesting that they are saying he did this on his own, rather than an attack carried out by Iran; when it would be hard to know his true status.