After information about HBO’s “Game of Thrones” was stolen from the network’s servers, an Iranian hacker named Behzad Mesri attempted to “extort” the network, prosecutors alleged on Tuesday.
The Manhattan U.S. Attorney’s Office has indicted Mesri for cybercrimes related to the alleged hacks, although he has yet to be taken into custody, as authorities are still trying to track him down, according to the New York Daily News.
According to the charging documents, Mesri, who used the alias Skote Vahshat, was a “self-professed expert in computer hacking techniques.” Court documents do not accuse Mesri of working for the Iranian government when he allegedly hacked HBO, but Mesri has worked on behalf of the Iranian military in the past.
He was a member of the Iran-supported Turk Black Hat Security team and he has reportedly used his skills to attack military and nuclear software systems and Israeli infrastructure, and conduct “hundreds of website defacements” around the world, prosecutors allege.
In the United States, one of Mesri’s targets was HBO, authorities say. The 2017 attack included stealing 1.5 terabytes of data from the powerful cable network. Prosecutors say Mesri stole proprietary material, including unaired episodes of the HBO series, “Ballers,” “Curb Your Enthusiasm,” and “The Deuce.” He is also accused of stealing scripts and summaries from HBO’s hit series “Game of Thrones.”
HBO, which is very secretive about the direction and plot of each season of GOT, was allegedly propositioned by Mesri, who attempted to extort nearly $6 million in Bitcoin currency from them. He threatened to release the material and destroy data, the indictment charges. A week later, he started leaking portions of the stolen data.
According to Variety:
HBO offered a $250,000 payoff to the hacker as a so-called “bug bounty,” but that move was, in fact, a stall tactic by HBO as it assessed the situation.
Authorities don’t expect Mesri to be turned over by Iran, reportedly. Instead, the indictment is part of a “name and shame” strategy used by the United States to warn off foreign hackers.