Alleged ISIS Hacker Could Not Have Been More Careless
Hacker allegedly used real name, Twitter and Facebook for criminal activities
Ardit Ferizi posing with a friend. (Image: Facebook)
Malaysian authorities, on behalf of the FBI, have arrested what can probably be described as the most careless hacker ever.
Ardit Ferizi, a student from Kosovo who was living in Malaysia, is accused of passing hacked information to the militant group known as ISIS, or ISIL. In June, he allegedly obtained the private information of 1,351 US military and government personnel, and later passed it to a ISIS member in Syria. Ferizi got caught because he practically never did anything to hide neither his identity, nor what he was doing.
First of all, according to an FBI agent's affidavit, he used his real name on the Twitter account he used to communicate with ISIS members, not private just via Direct Messages, but also openly tweeting at them.
According to the evidence presented by the FBI in the affidavit, Ferizi also never tried to hide his real IP address.
During the investigation, the FBI linked the IP address he used to log into his personal Facebook and Twitter accounts to a cyberattack against an unnamed company, where he obtained the private information of the military and government personnel. He then allegedly passed the information on to Junaid Hussain, a ISIS member and hacker who was also known as Abu Hussain Al Britani. (Hussain was killed by a US drone strike in August)
"It's crazy the things he did," an independent security researcher known as "Switched," who has been closely following ISIS-related hacking activities, told Motherboard.
"He's a classic case of what not to do."
"He's a classic case of what not to do and of the pitfalls of being just 'kali hacker,'" he added, referring to the operating systems for penetration testers and hackers Kali Linux, which comes preloaded with various hacking scripts and exploits. "The 'kids' run Kali and consider themselves hackers, never learning or understanding what all takes place when they push the button."
Moreover, when Ferizi allegedly broke into the unnamed company's servers, he logged in using the moniker KHS, which was the abbreviation of his hacking collective, the Kosova Hackers Security.
He also allegedly left a message to the server's administrator, asking the admin to stop trying to prevent him from accessing the data. He allegedly signed the message as "an Albanian Hacker." When the administrator asked him to stop hacking into the systems, Ferizi allegedly asked for 2 bitcoin (around $500).
The Department of Justice announced his arrest on Thursday.
"Ardit Ferizi is a terrorist hacker who provided material support to ISIL."
"Ardit Ferizi is a terrorist hacker who provided material support to ISIL," Assistant Attorney General for National Security John P. Carlin is quoted as saying in the press release. "This arrest demonstrates our resolve to confront and disrupt ISIL's efforts to target Americans, in whatever form and wherever they occur."
For Marcy Wheeler, a well-known blogger who writes about civil liberties and national security, this case proves that the FBI's concerns regarding terrorists using encryption are unwarranted.
"In this case, FBI isn't going dark on ISIS' attempts to incite attacks on Americans," she wrote in a blog post on Friday.