Alleged hacker Peter Romar, 36, has been extradited to the US following evidence of his involvement with the hacker group known as the Syrian Electronic Army (SEA).
Expected to appear in the Eastern District of Virginia court on Tuesday, the German national is believed to have also helped extort money from US companies. Working with Firas Dardar, a member of the SEA, Romar would receive extortion payment from victims, after which he would send the money to Syria.
The two hackers, charged with wire fraud and extortion, would use spearphishing techniques to target systems of media networks, such as the Associated Press, Reuters, CNN, and National Public Radio, along with computers belonging to Microsoft Corp. and the U.S. Justice Department. After infiltration, Dardar would deface websites, steal sensitive data and use the victim’s account to send messages.
“Firas Dardar is wanted for his alleged involvement in the Syrian Electronic Army (SEA), a group of individuals who allegedly commit hacks in support of the Syrian Regime,” reads the FBI Cyber Most Wanted page. “It is alleged that, between September of 2011 and January of 2014, Dardar committed dozens of cyber attacks against United States government agencies, media organizations, and private organizations under the SEA banner while using the online nickname, ‘The Shadow’.”
The group has also claimed responsibility for the Associated Press Twitter account hijack, in which they posted a false message that President Obama was hurt during a White House explosion. This caused stocks to temporarily lose $136 billion in value.
The two, plus a third SEA member, Ahmad Umar Agha, were charged with a series of hacking-related crimes.
Dardar and Agha are also believed to have taken part in cyberattacks against Harvard University, The Washington Post, the White House, NASA and Microsoft. The two are believed to be in Syria and have been placed on the FBI’s Cyber Most Wanted list. There’s currently a reward of $100,000 for information leading to Dardar’s arrest.