"I ask for forgiveness," Azari told the federal court. "You don't know everything. There will come a day."
One of Azari's victims reportedly told him that "if you are truly sorry, you should be giving the names of the people who hired you."
Azari, a self-described "hacker-for-hire," ran a sweeping international spearphishing attack called "Dark Basin" that employed groups of hackers to steal emails and other digital documents from U.S. climate activists, government officials in African nations, members of a Mexican political party, and critics of a German company. Clients paid Azari approximately $4.8 million over five years for managing the campaign.
Citizen Lab, a Canadian digital watchdog group, first reported on Dark Basin in 2020. According to the group's research, numerous progressive organizations—including Public Citizen, Greenpeace, 350.org, the Union of Concerned Scientists, and Oil Change International—were among those targeted.
Prosecutors said stolen emails were leaked to media outlets, some of which published reports "appeared designed to undermine the integrity" of the #ExxonKnew movement and investigations into ExxonMobil's climate cover-up.
NPRreported Thursday:
The U.S. government hasn't said who hired Azari to target the climate activists. But in an October sentencing memo, federal prosecutors in New York described how ExxonMobil tried to take advantage of the material that Azari's group stole.
Prosecutors noted a private email between climate activists that ExxonMobil had publicized on its website. The document was about a 2016 meeting to convince the public that ExxonMobil was a "corrupt institution" that pushed the world toward "climate chaos and grave harm" because of its decadeslong campaign to cast doubt on global warming.
"The 'Dark Basin' cyberattack offers an acute reminder of the vested interests at play in obscuring the role of fossil fuel companies in driving the climate crisis," Kathy Mulvey, the accountability campaign director at the Union of Concerned Scientists, said in a statement. "While the conviction and sentencing of Mr. Azari has shed light on the hacking-for-hire enterprise, we're eager to see the bad actors behind the attack publicly named and held accountable."
"As the fossil fuel industry intensifies its efforts to thwart climate lawsuits that seek to hold them accountable for their deception and the devastating damage caused by their products, this sentencing serves as a stark reminder of the lengths powerful corporations and special interests will go to evade responsibility," Mulvey added. "Now more than ever, scientists, advocates, and our policymakers must fight back against scare tactics, delay maneuvers, or other abuses of power from this industry. A safer, healthier, and more just future is at stake."
Greenpeace USA executive director Ebony Twilley Martin said in a statement that "we are pleased to see federal prosecutors taking legal action against those who use underhanded tactics like hacking to target public interest advocates."
"That said, justice will not be completely served in this case until those who hired Azari are exposed and held to account," she continued. "Whoever that is though, they ultimately failed. They failed to stop elected leaders across the country from pursuing some level of accountability for actions that—over time—amount to one of the greatest corporate crimes against humanity ever committed."
"Overwhelmingly, the American people want climate action, and Big Oil will use every tool in their toolbox to stop it," Martin added. "Cyberattacks like this are one of the many tactics designed to silence and oppose climate activists. They have serious impacts on people's lives—and thus their ability to do the important work of protecting our planet."