A 'Game of Thrones' thief and a dam hacker: These are the FBI's 41 most-wanted cyber criminals

Advertisement
A 'Game of Thrones' thief and a dam hacker: These are the FBI's 41 most-wanted cyber criminals

FBI most wanted cybercriminals

Jenny Cheng/Business Insider

The FBI's most wanted cybercriminals.

Advertisement

The FBI has 41 suspects on its "Cyber's Most Wanted" page, an identity parade of some of the most skilled hackers in the world.

Their crimes range from state-sponsored espionage to holding episodes of "Game of Thrones," and even hacking into a US dam. Although it is a distinct possibility that the hacker got the wrong dam.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

Scroll on to read more about each of the suspects and the crimes they committed. They are not ranked in any particular order.

{{}}

Behzad Mesri, held HBO to ransom

Behzad Mesri, held HBO to ransom

Mesri is an Iran-based hacker otherwise known as "Skote Vahshat" who allegedly hacked HBO's "Game of Thrones" and obtained unaired episodes, scripts, and plot outlines. He demanded a ransom of $6 million in Bitcoin. He also stole unaired episodes of "Ballers," "Curb Your Enthusiasm," and "The Deuce."

Danial Jeloudar, stole a vast amount of credit card numbers

Danial Jeloudar, stole a vast amount of credit card numbers

Jeloudar is wanted for identity theft and fraud after he and his associate, Arash Amiri Abedian, allegedly used malware to steal a vast amount of credit card numbers and other personal information, and then used that information to extort money, goods, and services from victims.

Jeloudar tried to extort a California-based online merchant, threatening to disclose its customers' credit card details and other personal information unless it made him a payment in Bitcoin.

Advertisement

Arash Amiri Abedian, stole and passed on bank details

Arash Amiri Abedian, stole and passed on bank details

Along with Danial Jeloudar, Abedian is wanted for alleged identity theft and fraud. Between 2011 and 2016, Abedian used malware to capture people's credit card details and other personal information.

In February 2012, Abedian sent Jeloudar approximately 30,000 names and numbers, which he said were unauthorized credit card numbers and associated information.

Gholamreza Rafatnejad, founded a company of state-backed hackers

Gholamreza Rafatnejad, founded a company of state-backed hackers

One of the founding "Iranian Mabna Hackers," Rafatnejad is wanted for alleged state-sponsored cyber-theft. The hackers stole more than 30 terabytes of US academic data and intellectual property over a hacking campaign that lasted more than four years. Rafatnejad allegedly organized the hacking effort, while also coordinating with Iran’s Islamic Revolutionary Guard Corps.

Advertisement

Ehsan Mohammadi, Mabna's managing director

Ehsan Mohammadi, Mabna's managing director

Along with Gholamreza Rafatnejad, Mohammadi is alleged to have co-founded the Mabna Institute in 2013, and served as Mabna’s managing director.

The employee hackers of Mabna

The employee hackers of Mabna

Seven men were indicted either as contractors or associates of the Mabna Institute. They are: Seyed Ali Mirkarimi, Abdollah Karima, Mostafa Sadeghi, Sajjad Tahmasebi, Mohammed Reza Sabahi, Roozbeh Sabahi, and Abuzar Gohari Moqadam.

Advertisement

Mohammad Saeed Ajily, stole rocket software

Mohammad Saeed Ajily, stole rocket software

Ajily is wanted for allegedly hacking into a United States government-cleared defense contractor in Vermont, known for making software which supports aerodynamics analysis and design for projectiles. Ajily has allegedly sold the stolen software to Iranian entities, including universities, military, and government entities.

Mohammad Reza Rezakhah, hacked the US munitions list

Mohammad Reza Rezakhah, hacked the US munitions list

Wanted along with Mohammad Saeed Ajily, Rezakhah allegedly stole software from US firms at Ajily's behest. He is accused of having stolen software deemed a "defense article" on the US Munitions List in October 2012.

Advertisement

Alexsey Belan, recruited by Russian intelligence to hack Yahoo

Alexsey Belan, recruited by Russian intelligence to hack Yahoo

Indicted three times for crimes relating to computer intrusions, the FBI offers a reward of up to $100,000 for information leading to the arrest of Latvian-born hacker Alexey Belan.

In 2017, he was indicted for his alleged involvement in a vast a cyber intrusion conspiracy. He is alleged to have stolen subscriber information from at least 500 million Yahoo accounts. He was supposedly paid to do so by two Russian Federal Security Service officers.

His online pseudonyms include "Abyrvaig," "Fedyunya," "Magg," "M4G," "Moy.Yawik," and "Quarker."

Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin, recruited hackers for Russian intelligence

Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin, recruited hackers for Russian intelligence

Dokuchaev and Sushchin allegedly hired the hacker Alexey Belan, as well as Karim Baratov who was arrested in Canada, to obtain information from at least 500 million Yahoo accounts. The pair directed the conspiracy from about April 2014 up to at least December 2016.

Advertisement

Evgeniy Mikhailovich Bogachev, a.k.a. "Slavik," the biggest name in cybercrime

Evgeniy Mikhailovich Bogachev, a.k.a. "Slavik," the biggest name in cybercrime

For years no one knew who the man behind the screen-name "Slavik," was. Dubbed "Russia's most notorious hacker" by Wired, Bogachev invented malware named "Zeus," which the FBI started investigating in 2009. "Zeus" was used to capture bank account numbers and passwords.

A modified version of "Zeus" called "GameOver Zeus" infected over a million computers and was used to steal over $100 million. Bogachev also used "GameOver Zeus" to infiltrate Ukrainian computers for politically sensitive information at the time of the Russian annexation of Crimea.

In 2012, Bogachev was indicted under the screen-name "lucky12345," and finally he was indicted under his true name in 2014. There is a bounty of up to $3 million for information relating to Bogachev. The FBI also notes that he is, "known to enjoy boating."

The "Jabberzeus" gang, Slavik's disciples

The "Jabberzeus" gang, Slavik's disciples

All young men in their twenties, Klepikov, Bron, and Penchukov were a group in Evgeniy Bogachev's (Slavik's) inner ring of organised cyber-crime.

A variant of Bogachev's infamous "Zeus" malware, "Jabber Zeus" came with the instant-messaging plug-in Jabber, which allowed the group to coordinate their attacks.

According to a Wired report, Penchukov ("tank") led the group, Klepikov ("petr0vich") ran IT management, and Bron ("thehead") moved the gang's money internationally.

The FBI raided Penchukov and Klepikov's homes in 2010, seizing 20 terabytes of data.

Advertisement

Ahmad Fathi, owned a company that DDoSed America

Ahmad Fathi, owned a company that DDoSed America

Fathi is one of seven Iranian nationals wanted for their alleged involvement in a campaign of distributed denial of service (DDoS) attacks against 46 major US companies from 2011 through to 2013, mostly within the financial sector.

Fathi is the director and owner of a company called ITSecTeam which allegedly worked on the behalf of the Iranian government. As leader of the company, Fathi supervised and co-ordinated ITSecTeam's potion of the DDoS campaign.

Hamid Firoozi hacked the wrong dam, probably

Hamid Firoozi hacked the wrong dam, probably

Firoozi was the network manager at ITSecTeam, and allegedly procured and managed computer servers to conduct DDoS attacks on the US financial sector.

Additionally, Firoozi is alleged to have hacked into the systems of the Bowman Dam in Rye, New York. The mayor of the nearby village of Rye Brook told the New York Times he was perplexed as to why state-sponsored Iranian hackers would want to break into such a small, "insignificant" dam. He theorized that the hackers may have confused it with the Bowman Dam in Oregon, which is 245 feet tall and 800 feet long.

Advertisement

Amin Shokohi, got off military service by working for Fathi

Amin Shokohi, got off military service by working for Fathi

Shokohi was allegedly a hacker for ITSecTeam who helped to build the company's botnet and wrote malware for the DDoS attacks. He was allegedly rewarded by the Iranian government with credit towards completion of the country's mandatory military service.

Mohammad Sadegh Ahmadzadegan, says he hacked NASA

Mohammad Sadegh Ahmadzadegan, says he hacked NASA

Ahmadzadegan is the cofounder of Mersad Company which, along with ITSecTeam, is alleged to have taken part in a campaign of DDoS attacks aimed at the US financial sector. He is alleged to have managed Mersad's botnet and provided training to Iranian intelligence personnel.

The FBI also claims that Ahmadzadegan was formerly a member of computer hacking groups Ashiyane Digital Security Team (ADST) and Sun Army, and claimed responsibility for hacking NASA's servers in 2012.

Advertisement

Omid Ghaffarinia, another DDoS attacker and NASA hacker

Omid Ghaffarinia, another DDoS attacker and NASA hacker

Ghaffarinia was a co-founder of Mersad, and is alleged to have created malicious computer code used to infiltrate computer servers and build the company's botnet.

Like Ahmadzadegan, Ghaffarinia is associated with Ashiyane Digital Security Team (ADST) and Sun Army, and also claimed to hack NASA in 2012.

Sina Keissar, Mersad employee

Sina Keissar, Mersad employee

Keissar was an employee at Mersad. He allegedly procured computer servers for the company and performed preliminary testing on the company's botnet.

Advertisement

Nader Saedi, a self proclaimed DDoS attack "expert"

Nader Saedi, a self proclaimed DDoS attack "expert"

Saedi was an employee at Mersad, and allegedly wrote computer scripts used to locate vulnerable servers. He was apparently a former Sun Army hacker who, "expressly touted himself as an expert in DDoS attacks."

Nicolae Popescu, sold cars that didn't exist on eBay

Nicolae Popescu, sold cars that didn't exist on eBay

Romanian-born Nicolae Popescu is wanted for alleged participation in an eBay car scam, which netted $3 million. Adverts on eBay and other sites showed pictures of non-existent vehicles, and sent invoices to unsuspecting buyers in the US.

Advertisement

Firas Dardar, a.k.a. "The Shadow"

Firas Dardar, a.k.a. "The Shadow"

Dardar is wanted for his alleged involvement in the Syrian Electronic Army (SEA), a group which allegedly commits hacks in support of the Syrian Regime.

SEA members allegedly spearphished US government and military organisations, as well as private companies including The Washington Post, The New York Times, and CNN.

Dardar is also suspected of having carried out cyber extortion, hacking into computers and demanding ransom be paid for data. Forbes reported that he amassed more than $500,000 from 14 victims.

Ahmed Al Agha, a.k.a. "Th3 Pr0"

Ahmed Al Agha, a.k.a. "Th3 Pr0"

Al Agha is also wanted for his alleged involvement in the Syrian Electronic Army (SEA). Under his internet pseudonym "Th3 Pr0." He allegedly engaged in spearphishing with Dardar, and then used stolen usernames and passwords to deface websites, redirect domains to sites controlled by the conspiracy, steal email, and hijack social media accounts.

Advertisement

Viet Quoc Nguyen, spammed tens of millions for profit

Viet Quoc Nguyen, spammed tens of millions for profit

A federal warrant was issued for Viet Quoc Nguyen in October 2012 after he allegedly hacked into at least eight email service providers and stole data containing over one billion email addresses.

Nguyen then allegedly launched spam attacks on tens of millions of people whose email addresses were stolen. These were used to direct traffic to marketing websites, one of which he had an arrangement with to earn revenue off commission.

Shaileshkumar Jain, sold fake security software

Shaileshkumar Jain, sold fake security software

Indicted in 2010, Shaileshkumar a.k.a. "Sam" Jain is wanted for alleged involvement in an international bogus software scam.

The scam tricked victims into buying counterfeit anti-virus software by deceiving people into believing their computers had been infected with malware. This "scareware" is alleged to have taken more than $100 million.

Advertisement

Bjorn Daniel Sundin, Jain's partner in crime

Bjorn Daniel Sundin, Jain's partner in crime

Sundin is alleged to have taken part in the same cyberscam as Shaileshkumar Jain, defrauding people into purchasing bogus anti-virus software or "scareware."

The Chinese Miliary hacking unit

The Chinese Miliary hacking unit

Five military hackers from the Chinese People’s Liberation Army (PLA) are alleged to have carried out economic espionage against the US from 2006 to 2014. Unit 61398 allegedly hacked into six American entities to steal information, including those in the nuclear power, metals, and solar industries.

"For too long, the Chinese government has blatantly sought to use cyber espionage to obtain economic advantage for its state-owned industries," then-director of the FBI James Comey said of the indictment.

Advertisement

Noor Aziz Uddin, hijacked phones to call fake hotlines

Noor Aziz Uddin, hijacked phones to call fake hotlines

Aziz is wanted for allegedly leading a telecommunications scam, which defrauded people out of more than $50 million.

Aziz had set up a handful of pay-per-minute premium telephone numbers purporting to be chat, adult entertainment, and psychic hotlines, but were all shams.

Then hackers gained access to the telephone networks of businesses and organizations in the United States, and dialled the numbers from there. Unsuspecting businesses were then charged for dialling these premium numbers.

Aziz was arrested in Pakistan but later released in connection to the scheme. The FBI is offering a reward of up to $50,000 for information leading to his arrest.

Farhan Ul Arshad, accomplice to Aziz

Farhan Ul Arshad, accomplice to Aziz

Farhan Ul Arshad is wanted for his alleged involvement in Noor Aziz Uddin's telecommunications scam. He was last known to be in Malaysia, and the FBI is offering up to $50,000 for information leading to his capture.

Advertisement