Montenegrin police say they have arrested a 39-year-old man in the coastal town of Kotor at the request of U.S. authorities, wrapping up what they describe as a high-profile cybercrime case with a seaside takedown. The suspect, wanted by a court in New York on multiple hacking-related charges tied to large-scale intrusions dating back to 2013 and affecting more than 150 universities, is now headed into extradition proceedings before a court in Podgorica.
According to The Associated Press, Montenegrin police said officers tracked the man to Kotor and detained him following a direct arrest request from U.S. officials and the FBI. Authorities called it a significant cybercrime case and said the suspect holds both Iranian and Turkish citizenship. They declined to release additional identifying details to international media, keeping the profile of the accused hacker notably low even as the charges loom large.
What U.S. Authorities Allege
The man is sought on charges that include conspiracy to commit computer fraud, hacking and identity theft, according to Reuters. Montenegrin police said the intrusions, carried out "from 2013 onward," hit more than 150 U.S. universities and caused damage estimated at more than $3.4 billion. Officials say stolen access credentials and data were then used by Iran's Islamic Revolutionary Guard Corps and other Iranian entities. If Montenegro signs off on the extradition, the suspect will be sent to New York to face federal prosecution.
How This Echoes An Earlier Case
The allegations sound strikingly similar to a 2018 U.S. indictment that accused the Tehran-based Mabna Institute of running a coordinated campaign to steal academic research and credentials from hundreds of universities. In that charging document, the Department of Justice said the earlier operation compromised 144 U.S. universities and siphoned off more than 31 terabytes of academic data. U.S. officials at the time pegged the harm to universities at roughly $3.4 billion, a price tag that underscores why investigators treat these academic hacks as far more than minor digital mischief.
Extradition Proceedings In Montenegro
Montenegrin authorities say the suspect will be brought before an investigating judge at the High Court in Podgorica for extradition hearings, in a process that could stretch on as courts pick through the U.S. request. Police say the arrest was executed by the NCB Interpol Podgorica FAST team in cooperation with local security officers in Kotor, describing the operation as part of their ongoing partnership with the FBI. Local reporting notes that Montenegro's FAST unit has in recent years helped track down several people wanted by U.S. authorities, giving this small Balkan country an outsized role in some very big cyber cases.
Broader Threat And Next Steps
U.S. cybersecurity and law-enforcement agencies have in recent months been warning about a rise in Iran-linked cyber activity against critical infrastructure, including a joint advisory this spring focused on operational-technology devices. The latest arrest highlights how international police work and intelligence-sharing now sit at the core of major cyber investigations, especially when alleged hackers operate far from the jurisdictions that want to try them. For background on that broader warning, see the EPA summary of the joint federal advisory.
The suspect remains in custody in Montenegro while judges weigh the extradition request. U.S. officials have made clear they intend to push for his transfer to New York if legal conditions are met. Montenegrin authorities, for their part, are stressing that the case will move ahead through standard judicial channels, even if the allegations themselves play out on a very nonstandard, global digital stage.
