Technology

Syrian Electronic Army hacker suspects charged

Screen shot of Skype's hacked blog Image copyright Skype
Image caption Microsoft's Skype was among the services hacked by the Syrian Electronic Army

The US has named and charged three men it believes were involved in cyber-attacks carried out by a group calling itself the Syrian Electronic Army.

The organisation hijacked prominent social media accounts and defaced and blocked access to websites. Two of the men are also accused of extortion.

One of the suspects - Peter Romar - has already been arrested in Germany.

The US Department of Justice says it believes the other two - Ahmad Umar Agha and Firas Dardar - are in Syria.

The FBI has offered a reward of $100,000 (£70,500) for information that leads to their arrests.

First reports of actions by the Syrian Electronic Army (SEA) came in 2011.

The hackers claimed to be acting in support of President Bashar al-Assad saying they sought to counter "fabricated news" broadcast by Arab and Western media.

Image copyright FBI
Image caption Agha is accused of using phishing techniques to hijack companies' social media accounts

Agha - aged 22 - is alleged to be the identity of a member who used the nickname The Pro, and Dardar - aged 27 - is said to be The Shadow.

Officials say the two sent spoof emails that fooled people into revealing work log-in details.

"Agha and Dardar would allegedly use stolen usernames and passwords to deface websites, redirect domains to sites controlled or utilised by the conspiracy, steal email and hijack social media accounts," said a DoJ statement.

"In April 2013, a member of the conspiracy compromised the Twitter account of a prominent media organisation [Associated Press] and released a tweet claiming that a bomb had exploded at the White House and injured the president.

Image copyright FBI
Image caption Dardar is accused of dozens of attacks against government agencies, media organisations and businesses

"In a later 2013 intrusion, through a third-party vendor, the conspirators gained control over a recruiting website for the US Marine Corps and posted a defacement encouraging US marines to refuse [their] orders."

Other victims are said to have included:

  • Harvard University
  • Microsoft
  • Washington Post
  • New York Post
  • Reuters
  • Human Rights Watch
  • CNN
  • National Public Radio (NPR)
  • Huffington Post
  • Time magazine

The BBC also had some of its Twitter accounts hijacked by the SEA in 2013, but this is not referred to in the complaint.

Extorted funds

Dardar and Romar are also accused of hacking into businesses' computer systems for personal profit.

"The pair would hack into the victims' computers and then threaten to damage computers, and delete or sell the data unless they were paid a ransom," said the FBI.

Image copyright DoJ
Image caption Romar, a Syrian national, was said to have been living in Waltershausen, Germany

The targeted companies are not named, but the DoJ said one was a UK-based web hosting company and another an international online entertainment service.

In at least one instance, Dardar is said to have used his involvement with the SEA as a way to have "instilled fear" in his targets in order to extort funds.

The US authorities said they had confirmed the two men's involvement by using court-authorised search warrants to obtain access to Gmail and Facebook accounts they had used as part of their scams.

"The allegations in the complaint demonstrate that the line between ordinary criminal hackers and potential security threats is increasingly blurry," commented John Carlin, the US's assistant attorney general for national security.

Read more cybersecurity articles in our special index

Related Topics

More on this story

Related Internet links

The BBC is not responsible for the content of external Internet sites