DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Three members of Syrian Electronic Army charged by feds

Posted on March 22, 2016 by Dissent

Three Syrian nationals, all current or former members of the Syrian Electronic Army (SEA), were charged with multiple conspiracies related to computer hacking, according to two criminal complaints unsealed today in the U.S. District Court of the Eastern District of Virginia.

Ahmad Umar Agha, 22, known online as “The Pro,” and Firas Dardar, 27, known online as “The Shadow,” were charged with a criminal conspiracy relating to: engaging in a hoax regarding a terrorist attack; attempting to cause mutiny of the U.S. armed forces; illicit possession of authentication features; access device fraud; unauthorized access to, and damage of, computers; and unlawful access to stored communications.  Dardar and Peter Romar, 36, also known as Pierre Romar, were separately charged with multiple conspiracies relating to: unauthorized access to, and damage of, computers and related extortionate activities; receiving the proceeds of extortion; money laundering; wire fraud; violations of the Syrian Sanctions Regulations; and unlawful interstate communications.  The court has issued arrest warrants for all three defendants.

According to allegations in the first complaint, beginning in or around 2011, Agha and Dardar engaged in a multi-year criminal conspiracy under the name “Syrian Electronic Army” in support of the Syrian Government and President Bashar al-Assad.  The conspiracy was dedicated to spear-phishing and compromising the computer systems of the U.S. government, as well as international organizations, media organizations and other private-sector entities that the SEA deemed as having been antagonistic toward the Syrian Government.  When the conspiracy’s spear-phishing efforts were successful, Agha and Dardar would allegedly use stolen usernames and passwords to deface websites, redirect domains to sites controlled or utilized by the conspiracy, steal email and hijack social media accounts.  For example, starting in 2011, the conspirators repeatedly targeted computer systems and employees of the Executive Office of the President (EOP).  Despite these efforts, at no time was an EOP account or computer system successfully compromised.  Additionally, in April 2013, a member of the conspiracy compromised the Twitter account of a prominent media organization and released a tweet claiming that a bomb had exploded at the White House and injured the President.  In a later 2013 intrusion, through a third-party vendor, the conspirators gained control over a recruiting website for the U.S. Marine Corps and posted a defacement encouraging U.S. marines to “refuse [their] orders.”

Today, the FBI announced that it is adding Agha and Dardar to its Cyber Most Wanted and offering a reward of $100,000 for information that leads to their arrest.  Both individuals are believed to be residing in Syria.  Anyone with information is asked to contact their nearest FBI field office or U.S. Embassy or consulate.

According to allegations in the second complaint, beginning in or around 2013, SEA members Dardar and Romar engaged in multiple conspiracies dedicated to an extortion scheme that involved hacking online businesses in the United States and elsewhere for personal profit.  Specifically, the complaint alleges that the conspiracy would gain unauthorized access to the victims’ computers and then threaten to damage computers, delete data or sell stolen data unless the victims provided extortion payments to Dardar and/or Romar.  In at least one instance, Dardar attempted to use his affiliation with the SEA to instill fear into his victim.  If a victim could not make extortion payments to the conspiracy’s Syrian bank accounts due to the Syrian Sanctions Regulations or other international sanctions regulations, Romar would act as an intermediary in an attempt to evade those sanctions.

 

The case is being investigated by the FBI’s Washington Field Office, with assistance from the NASA Office of the Inspector General, Department of State Bureau of Diplomatic Security and other law enforcement agencies.  The case is being prosecuted by Assistant U.S. Attorneys Jay V. Prabhu and Maya D. Song of the Eastern District of Virginia, and Special Assistant U.S. Attorney Brandon Van Grack and Trial Attorneys Scott McCulloch and Nathan Charles of the National Security Division’s Counterintelligence and Export Control Section.

Agha and Dardar Complaint

Romar and Dardar Complaint

SOURCE: U.S. Attorney’s Office, Eastern District of Virginia, National Security Division

See also coverage of the SEA on DataBreaches.net.

Category: HackOf Note

Post navigation

← NY: Treasure trove of Grand Street Medical Associates patient data exposed and indexed
Plan Ahead, Stay On Top of Government and Tech Changes, and Be Ready to Call the FBI: Key Lessons from the PHI Protection Network Conference →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.