US indicts alleged culprit of HBO hack-and-extort campaign

US prosecutors have pressed charges against an Iranian national who allegedly hacked into the HBO cable TV network this summer, making off with various materials, including unaired episodes of hit shows and actors’ personal data, before demanding $6 million in bitcoins on pain of releasing the materials.

Behzad Mesri, who went by the moniker “Skote Vahshat,” is facing charges for a range of federal crimes, including computer fraud, wire fraud, extortion and identity theft, according to a sealed indictment that the US Attorney’s Office in Manhattan released on Tuesday.

The material that Mesri, 29, is reported to have gotten his hands on totals no less than 1.5 terabytes and includes then-unreleased episodes, along with scripts and plot summaries, of the famed Game of Thrones series, as well as upcoming episodes of other shows such as Ballers, Barry, Room 104, Curb Your Enthusiasm, and The Deuce.

The grand jury indictment describes Mesri as a “self-professed expert” in hacking who had previously worked for Iran to attack military systems, nuclear software systems and Israeli infrastructure.

According to a press release by the US Attorney’s Office for the Southern District of New York, Mesri was also a member of an Iran-based hacking group called the Turk Black Hat security team and conducted hundreds of website defacements against websites in the United States and elsewhere.

“Mesri now stands charged with federal crimes, and although not arrested today, he will forever have to look over his shoulder until he is made to face justice,” Southern District of New York District Attorney Joon Kim was quoted as saying.

Mesri is thought to have started his hacking campaign in May, conducting reconnaissance on HBO’s computer network and employees and probing for vulnerabilities. Up until July, Mesri “successfully compromised multiple user accounts belonging to HBO employees and other authorized users, and used those accounts to repeatedly obtain unauthorized access to HBO’s computer servers,” according to the US Attorney’s Office.

Between approximately July 23 and 29, Mesri allegedly engaged in his blackmail campaign. After the TV network didn’t pay the demanded $6 million in cryptocurrency, he began leaking portions of the stolen data on July 30.

Reuters reported in August that HBO had, in fact, offered $250,000 to cybercriminals in July in exchange for pushing back the deadline “for paying a much larger ransom”. The request – which a person acquainted with HBO’s response described as a delay tactic – prompted no response from the hacker.

Author , ESET

Copyright © 2018 ESET, All Rights Reserved.