×
You will be redirected back to your article in seconds

U.S. Officials Charge Iranian Hacker With HBO Server Attack, $6 Million Extortion Scheme

UPDATED: The U.S. Attorney’s Office for the Southern District of New York on Tuesday announced charges against an Iranian national who allegedly hacked HBO’s servers and attempted to extort $6 million from the premium cable programmer.

Federal authorities charged Behzad Mesri, a 29-year-old citizen and resident of Iran, with seven criminal counts including computer hacking and fraud; wire fraud; interstate transmission of an extortionate communication; and aggravated identity theft.

According to the U.S. Attorney’s Office, Mesri (a.k.a. “Skote Vahshat”) broke into HBO computers and stole data — including unaired episodes of “Game of Thrones” and financial data — and then threatened to release the info unless HBO paid $5.5 million in Bitcoin.

Mesri is currently in Iran, and “we are unfortunately unable to arrest him today,” Joon Kim, acting U.S. Attorney for the Southern District of New York, told reporters at a press conference. But, Kim added, “He will never be able to travel outside of Iran without fear that he will be arrested on these charges.”

If convicted, Mesri faces a maximum sentence of 20 years in prison for wire fraud; up to five years for each of the four charges related to computer fraud; a two-year mandatory sentence for aggravated identity theft; and up to two years in prison for the extortion charge. Mesri was indicted by a federal grand jury on Nov. 8 and a warrant was issued for his arrest.

Between about May and July of 2017, Mesri compromised multiple user accounts belonging to HBO employees and other authorized users to gain access to the cable network’s proprietary information, according to a grand jury indictment released by the U.S. Attorney’s Office in New York.

HBO said in a statement: “HBO has confirmed in the past that we were working with law enforcement from the early stages of the cyber incident. As far as the criminal case is concerned, we prefer to leave any comments to the U.S. Attorney’s Office.”

In July, HBO confirmed that its computer systems had been breached, resulting in what it said was “the compromise of proprietary information.” The hacker, who called himself “Mr. Smith” in some communiques, reportedly made off with a trove of 1.5 terabytes of data and demanded millions in ransom payments from HBO in Bitcoin.

The hacker released of a “Game of Thrones” script and episodes of HBO shows including “Ballers” and “Curb Your Enthusiasm,” and gloated about the hack on Twitter and in emails to HBO execs and the media. HBO offered a $250,000 payoff to the hacker as a so-called “bug bounty,” but that move was in fact was a stall tactic by HBO as it assessed the situation.

According to federal investigators, Mesri stole unaired episodes of HBO original series including episodes of “Barry,” “Ballers,” “Curb Your Enthusiasm,” “Room 104,” and “The Deuce”; scripts and plot summaries for unaired programming including episodes of “Game of Thrones”; confidential cast and crew contact lists; emails belonging to at least one HBO employee; financial documents; and online credentials for HBO social media accounts.

In his email demanding a “non-negotiable” ransom payment of $5.5 million in Bitcoin, Mesri included an image of the zombie Night King from “Game of Thrones” with the message, “Good luck to HBO.”

Mesri had worked on behalf of the Iranian military to carry out cyberattacks that targeted military systems, nuclear software systems, and Israeli infrastructure, according to authorities. As a member of Iran-based hacking group Turk Black Hat Security, he had defaced hundreds of websites in the U.S. and elsewhere under the pseudonym “Skote Vahshat,” officials said.

On Sunday, the Washington Post reported that the Justice Department was preparing to announce charges against the HBO hacker along with other cases involving Iranian suspects. The report cited anonymous sources who said law-enforcement officials were concerned DOJ brass were pushing to publicly announce such cases because the Trump administration wants Congress to impose new sanctions on Iran.

Kim, the federal prosecutor, said the charges against Mesri were announced Tuesday after the U.S. Attorney’s Office in New York considered whether there was a realistic chance of actually apprehending the suspect, weighed against the “importance of sending a message that we can and will, even when you are immediately beyond our reach, target you and make a public statement like this.”

A rep for the U.S. Attorney’s Office in Manhattan declined to provide details on how investigators tracked down Mesri or how Mesri allegedly obtained login credentials to access HBO’s systems. The case was cracked “through the ingenuity and hard work of the men and women of the FBI,” the spokesman said.

The FBI on Tuesday released a wanted poster for Mesri, seeking information on him (click to download full-size image):

Behzad Mesri - FBI Wanted Poster

Separately, in August police in India arrested four people — who were employees of a vendor working with HBO distribution partner Sky India — in connection with the theft of a “Game of Thrones” season 7 episode that was leaked to piracy sites ahead of its premiere on HBO.

Also in August, HBO’s Twitter and Facebook accounts were temporarily hijacked by notorious hacker collective OurMine.

More TV

  • 'SNL' Turns the Impeachment Hearings into

    'Saturday Night Live' Turns the Impeachment Hearings into a Soap Opera (Watch)

    “Saturday Night Live” kicked off its Nov. 16 episode with a take on the biggest news story of the previous week (and foreseeable future): the impeachment hearings. But another big story of the week, especially in Hollywood, was how NBC’s last remaining daytime drama, “Days of our Lives,” had let its actors out of their [...]

  • Andy Cohen attends BravoCon's "Watch What

    'The Real Housewives of Salt Lake City' to Debut in 2020

    Bravo announced Saturday during its first annual BravoCon that a tenth “Real Housewives” series, “The Real Housewives of Salt Lake City,” will debut in 2020. Bravo host and “Real Housewives” executive producer Andy Cohen made the announcement during a panel titled “Ask Andy” at the NYC convention. “We’ve always tried to choose a city that [...]

  • Sterling K. Brown on His Oscar

    Sterling K. Brown on His Oscar Buzz for 'Waves': 'Kind of Surreal'

    Sterling K. Brown can’t quite comprehend the awards attention he’s receiving for his work in the A24 drama “Waves.” “If the Academy sees fit to put me in a category with people who I absolutely adore, I will pee all over myself, dude” the Emmy winner says on the latest episode of “The Big Ticket.” [...]

  • TV News Roundup: 45th Annual Humanitas

    TV News Roundup: 45th Annual Humanitas Nominees Announced

    In today’s TV news roundup, Humanitas has released the finalists for the 45th Annual Humanitas Prize, and YouTube announced a new beauty competition series hosted by James Charles.  CASTINGS Jason Kennedy has been named as the host of E!’s new series “In The Room.“ The “E! News” host will bring viewers inside celebrity homes for [...]

  • Editorial use only. No book cover

    Viacom Extends 'The Office,' 'Parks and Recreation' Syndication Deals

    “The Office” and “Parks and Recreation” reruns will continue to air on Viacom linear networks for the foreseeable future. The company announced that it has reached a new deal with NBCUniversal to keep “The Office” on Comedy Central through 2021. The series will then air in a non-exclusive window on Viacom Media Networks through 2025. [...]

More From Our Brands

Access exclusive content