Pro-Assad hackers indicted after hacking western media outlets and universities

Targets of the Syrian Electronic Army ranged from Harvard University to parody news website The Onion.
2 min read
The men are still believed to be in Syria [Getty]

Two Syrian nationals were indicted over a computer hacking scheme that targeted the White House, Harvard University, US Marine Corps and news media outlets, including The Associated Press, reports said on Thursday.

A US federal grand jury returned an 11-count indictment charging Ahmad 'Umar Agha and Firas Dardar with conspiracy and aggravated identity theft.

The indictment says the men were members of the Syrian Electronic Army, which hacked computers to spread propaganda supporting Syrian President Bashar al-Assad.

The indictment adds the hackers were able to alter the Harvard University website home page by adding an image of al-Assad. They also accessed a computer server used by The Washington Post and created a false post on its website.

Other targets included Reuters, Human Rights Watch, National Public Radio and The Onion.

In 2013, Syrian Electronic Army hackers allegedly sent a tweet from The Associated Press' Twitter account falsely claiming a bomb had exploded at the White House and injured President Barack Obama. The message caused the stock market to plummet briefly before it was determined to be a hoax.

Both men were originally charged by criminal complaint in 2014 and are still at large and believed to be in Syria. A third man pleaded guilty in 2016 to having a limited role.

The indictment comes as the five-year statute of limitations for some of their crimes is due to expire.

According to the indictment, the men and their co-conspirators would send a phishing email purporting to be from a trusted source that contained a link to a website controlled by the hackers.

Users who clicked on the link were asked for their usernames and passwords. If at least one person provided those, the hackers would then access the computer systems or accounts of the target's computer system. They could then redirect legitimate traffic, alter text or send messages using compromised social media and email accounts.

No lawyers are listed for the men in court documents.