CompSci student arrested in Malaysia on doxing-for-ISIS charges

Malaysian authorities have arrested an alleged hacker from Kosova after receiving a tipoff from the US alleging he is an Islamic State-aiding cyberterrorist.

Ardit Ferizi, who is alleged to be behind the hacker pseudonym "Th3Dir3ctorY," is suspected to be the leader of a Kosovan internet hacking group called Kosova Hacker’s Security (KHS), according to a recently unsealed criminal complaint (PDF).

KHS is believed to be a group of ethnic Kosovan hackers "which is responsible for compromising government private websites in Israel, Serbia, Greece, the Ukraine, and elsewhere."

Malaysian police told CNN that Ferizi entered the country on a student visa to study computer science and computer forensics studies at a college in Kuala Lumpur. He is being held on a provisional arrest warrant ahead of an extradition hearing.

The criminal complaint alleges that in June 2015, Ferizi accessed the server of a internet hosting company which maintained the website of a US retailer. It was from the retailer that Ferizi was said to have accessed the personally identifiable information (PII) of "approximately 100,000 people."

Ferizi "provided the PII of approximately 1,351 U.S. military and other government personnel" to ISIS, intending that it would be used to target such personnel for attacks and violence.

In particular, the data was provided to British passport holders who had joined ISIS: Tariq Hamayun, a former car mechanic from the West Midlands, and Junaid Hussein, a jihadi hacktivist who was killed in a US drone strike in August.

The attacked company did not report the breach to the FBI until August, when the agency began to investigate. Shortly after it was reported, and attempts were made to mitigate the attack, Ferizi is alleged to have tried to extort two Bitcoin (then worth about $500) from the victim company.

I will make full report for server and method .. i will protect and remove al bug on your shop !

The complaint alleges several accounts and malicious attacks originated with Ferizi's IP address in Malaysia, where he resides on a student visa.

"As alleged, Ardit Ferizi is a terrorist hacker who provided material support to ISIL by stealing the personally identifiable information of US service members and federal employees and providing it to ISIL for use against those employees," said US assistant attorney general John Carlin.

"This case is a first of its kind and, with these charges, we seek to hold Ferizi accountable for his theft of this information and his role in ISIL's targeting of US government employees," continued Carlin. "This arrest demonstrates our resolve to confront and disrupt ISIL's efforts to target Americans, in whatever form and wherever they occur."

If convicted on charges of providing material support to a designated foreign terrorist organisation, of computer hacking related to the theft and distribution of US military and federal employees' personal information, Ferizi could face a sentence of up to 35 years in prison. ®