Man arrested for allegedly selling hacked military info to terrorists

Ardit Ferizi of Kosovo was arrested in Malaysia on terrorism charges and is set for extradition to the US.

Katie Collins Senior European Correspondent

Katie a UK-based news reporter and features writer. Officially, she is CNET's European correspondent, covering tech policy and Big Tech in the EU and UK. Unofficially, she serves as CNET's Taylor Swift correspondent. You can also find her writing about tech for good, ethics and human rights, the climate crisis, robots, travel and digital culture. She was once described a "living synth" by London's Evening Standard for having a microchip injected into her hand.

See full bio

Katie Collins

Oct. 16, 2015 8:43 a.m. PT

2 min read

Islamic State has tweeted personal details of more than 1,300 US military and government employees. Jean Marmeisse/Corbis

A Kosovan man has been arrested in Malaysia after allegedly hacking into databases containing the personal information of 1,351 US military and government employees and passing the information to the Islamic State in Syria.

Ardit Ferizi, 20, is known in hacking circles as "Th3Dir3ctorY" and leads a group called Kosova Hacker's Security, the US Department of Justice said Thursday. Malaysian police accused Ferizi of passing the names, locations, phone numbers, email addresses and passwords of US military and federal employees to Junaid Hussain of the Islamic State between June and August to help incite terrorist acts against them. He's set to be extradited to the United States.

"Early investigation found the suspect communicated with [a] right hand man...of IS terrorist group in Syria to hack a few servers containing information and details of US security personnel and team," Reuters reported the Malaysian Police as saying. "The details were then transferred to the operation unit of the IS group for further action."

Ferizi's alleged actions demonstrate how computer attacks and conventional warfare are blending and, as a result, how the Internet allows IS to reach beyond its power base in the Middle East and North Africa. IS also has been adept at using social media campaigns to spread its message and attract recruits around the world.

Islamic State's hacking division tweeted the news that it had gotten the information with a link to a 30-page document containing the stolen details in hopes of encouraging attacks against the individuals.

"We are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands," the document read, according to the US Attorney's Office.

Describing Ferizi as a "terrorist hacker," Assistant Attorney General for National Security John Carlin said the case is the first of its kind.

"National security is compromised by computer intrusions, and Ferizi is charged with obtaining the personal identifying information of US military and government personnel and providing it" to the IS, added US Attorney Dana Boente. "We will investigate and prosecute these cyberattacks to fullest extent of the law."

If convicted, Ferizi could face 35 years in prison, the Department of Justice said.