Two hackers are in Syria while a money mule is in Germany

Mar 22, 2016 18:20 GMT

US officials have unsealed charges against three members of the Syrian Electronic Army (SEA), revealing their identities for the first time and offering $100,000 (€90,000) bounties for the capture of two members, believed to be living in Syria.

The three members are Ahmad Umar Agha, 22, from Syria, known as "Th3 Pro"; Firas Dardar, 27, living in Homs, Syria, known as "The Shadow"; and Peter Romar, 36, living in Waltershausen, Germany, also going by the name of Pierre Romar.

SEA was both a hacktivism and cyber-crime group at the same time

Two separate criminal complaints have been made public. The first concerned Agha and Dardar, and included the following charges: issuing a threat of a fake terrorist attack; attempting to cause mutiny of US armed forces; illicit possession of authentication features; access device fraud; unauthorized access to and damage of computers; and unlawful access to stored communications.

The second criminal complaint was against Dardar and Romar, and included the following charges: unauthorized access to and damage of computers and related extortionate activities; receiving the proceeds of extortion; money laundering; wire fraud; violations of the Syrian Sanctions Regulations; and unlawful interstate communications.

The first criminal complaint includes all the group's hacktivism-related activities while the second complaint was made against the group's online extortion campaigns in which the group hacked businesses around the world and threatened to release or delete their sensitive data if they didn't pay a ransom.

From the second criminal complaint, it is understood that Romar never participated in the actual hacking, but served as an intermediary point where US firms could send ransom money, which would then reach Dardar. Romar was needed because of US international sanctions that prohibited US businesses from transferring funds to Syrian banks.

SEA has a history of high-profile hacks

The Syrian Electronic Army appeared in 2011, and in its heyday the group was responsible for multiple hacks against companies and government agencies. Among them are Microsoft, NASA, the White House, Reuters, the Associated Press, CNN, Forbes, the Washington Post, the New York Post, The Onion, NBC Universal, USA Today, Harvard University, and Human Rights Watch.

Their biggest hack was when the group took over the Associated Press' Twitter account and put out a tweet in which they said a bomb exploded at the White House that injured the US President. That fake tweet's impact was felt on Wall Street, where the market lost $90 billion (€81 billion) in value in a couple of minutes.

Outside these high-profile hacks, the group was also known for small-time website defacements, attacking unknown sites and leaving messages in support of Syrian President Bashar al-Assad. In recent years, the group has been relatively quiet.

Below are two pictures depicting Agha (left) and Dardar (right). Both are now on the FBI's most wanted cyber-criminals list, and both have a bounty of $100,000 (€90,000) on their heads.

Ahmed Agha (left), Firas Dardar (right)