Forlit pleaded not guilty to hacking, wire fraud charges in New York
Israeli private investigator Amit Forlit has been extradited to face trial in a New York federal court on hacking and wire fraud charges connected to a coordinated scheme that targeted climate activists beginning around 2015. Forlit pleaded not guilty to the charges.
The case centers on a multi-year hacking campaign that federal prosecutors allege was commissioned by DCI Group, a lobbying firm representing ExxonMobil. A newly unsealed indictment from the U.S. attorney’s office in New York alleges that Forlit acted as a leader of a “sprawling cybercriminal enterprise” via Israel-based intelligence-gathering firms, working with co-conspirators in the U.S., UK, Israel, and India. Forlit could face up to 45 years in prison if convicted.
According to the indictment, the operation targeting climate activists was carried out on behalf of a client described as “one of the world’s largest oil and gas corporations, with headquarters in Irving, Texas.” Court documents allege that in October 2015, the client asked a lobbying firm for help responding to civil investigations related to climate change. A principal at the lobbying firm then contacted Forlit about a project targeting people working on climate and environmental issues. In a memo to Forlit, the principal laid out a plan for how they “would operationalize the research on the bad guys,” with a cover email stating, “This is what I gave the client yesterday.” The memo referenced “recent attacks” on the client “over climate change by groups on the left” and the “opportunity to go ‘on offense’.”
Prosecutors alleged that Forlit then sent the principal a proposal with a $125,000 monthly budget, outlining how his firms would gather intelligence for use in lobbying and legal proceedings. Forlit allegedly contracted former Israeli policeman Aviram Azari and others, who in turn hired hackers. The indictment alleges that the hackers successfully breached the accounts of climate advocates in 2016 and 2017, and that stolen materials were funneled through Azari and Forlit to the principal at the lobbying firm, used in lobbying work and climate litigation filings. Between 2014 and 2017, Forlit’s firms allegedly earned $7 million, including for work on the climate hack.
DCI Group and ExxonMobil deny involvement. “We do and always have directed all employees and consultants to comply with the law,” Craig Stevens, a partner at DCI Group, told the Guardian. He added that the firm has “been told by the government that neither DCI nor any of its personnel are under investigation” and that they had “no knowledge or understanding” of the alleged hacking activity. ExxonMobil did not reply to a request for comment, but has previously stated it has not been “involved in, nor are we aware of, any hacking activities. If there was any hacking involved, we condemn it in the strongest possible terms.”
The trial is the latest development in a years-long federal investigation. The Department of Justice began gathering evidence in 2018 after being alerted about phishing attacks by climate activists and other targets. Federal agents arrested Aviram Azari in September 2019 at John F. Kennedy International Airport while he was on his way to Disneyland with his family. Azari pleaded guilty to hacking charges in 2022 but denied knowledge of the client. Sentencing documents revealed that clients paid him more than $4.8 million over nearly five years for managing intelligence-gathering and phishing campaigns.
The hacking campaign had a broad reach. Lee Wasserman, director and secretary of the Rockefeller Family Foundation, said he has reason to believe he was among those targeted. “We’re all sitting on the edge of our seats waiting to see if we hear that at trial,” he told the Guardian. Kert Davies, founder of the Climate Investigations Center, received more than 80 phishing emails, including one pretending to be from a colleague sharing a Dropbox document titled “ExxonMobil (confidential).docx.” Davies said he hopes the Forlit case will reveal whether the oil giant was involved. “None of that has been proven yet. So any furtherance of that story and that proof is really important to me, personally, and to a lot of the people who were attacked by this operation 10 years ago,” he told the Guardian.
Bradley Campbell, president of the Conservation Law Foundation, told prosecutors that the agenda and attendee list for a private meeting at the offices of the Rockefeller Family Fund was leaked to the press and “cited on an ExxonMobil webpage designed to dispel criticism of the company’s climate stance.” Campbell said he later learned that he and at least 24 members of his staff were taken in by Azari’s spearphishing efforts and that the harm was “significant and far-reaching.”