The FBI today added two members of a Syrian hacker group to its Cyber Most Wanted list offering a reward of up to $100,000 each for information that leads to their arrest.
According to the FBI, the new cybercriminals Amad Umar Agha22, known online as “The Pro,” and Firas Dardar,27, known online as “The Shadow,” engaged in a multi-year conspiracy that began in 2011 to collect usernames and passwords that gave them the ability to deface websites, redirect domains to sites controlled by the conspirators, steal e-mail, and hijack social media accounts. To obtain the login information they spear-phishing, where they tricked people who had privileged access to their organizations’ websites and social media channels into volunteering sensitive information by posing as a legitimate entity.
According to the FBI Dardar also worked with Peter “Pierre” Romar, 36, on a scheme beginning in 2013 to extort U.S. businesses for profit. According to the complaint, the pair would hack into the victims’ computers and then threaten to damage computers, and delete or sell the data unless they were paid a ransom. The FBI cited other examples of the conspirators’ hacks including:
- Compromising the Twitter account of a prominent U.S. media organization in 2013 and releasing a tweet claiming that a bomb had exploded at the White House and injured the President
- Gaining control of a U.S. Marine Corps recruiting website and posting a message urging Marines to “Refuse [their] orders.”
The U.S. District Court this week issued arrest warrants for all three defendants.
+More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2015+
“These three members of the Syrian Electronic Army targeted and compromised computer systems in order to provide support to the Assad regime as well as for their own personal monetary gain through extortion,” said WFO Assistant Director in Charge Paul M. Abbate. “As a result of a thorough cyber investigation, FBI agents and analysts identified the perpetrators and now continue to work with our domestic and international partners to ensure these individuals face justice in the United States.”
Others on the FBI most wanted list include:
- Evgeniy Mikhailovich Bogachev, using the online monikers “lucky12345” and “slavik”, is wanted for his alleged involvement in a wide-ranging racketeering enterprise and scheme that installed, without authorization, malicious software known as “Zeus” on victims’ computers. The software was used to capture bank account numbers, passwords, personal identification numbers, and other information necessary to log into online banking accounts. While Bogachev knowingly acted in a role as an administrator, others involved in the scheme conspired to distribute spam and phishing emails, which contained links to compromised web sites.
- Nicolae Popescu is wanted for his alleged participation in a sophisticated Internet Fraud scheme where criminal enterprise conspirators, based in Romania and elsewhere in Europe, posted advertisements on Internet auction market sites for merchandise for sale. Such advertisements contained images and descriptions of vehicles and other items for sale, but those items did not really exist. Conspirators posing as sellers then negotiated via e-mail with unsuspecting buyers in the United States. These "sellers" sent fraudulent invoices, that appeared to be from legitimate online payment services, to the victim buyers, with instructions for payment to bank accounts held by other conspirators in the United States.
- Between January of 2012, and April of 2013, Alexsey Belan is alleged to have intruded the computer networks of three major United States-based e-commerce companies in Nevada and California. He is alleged to have stolen their user databases which he then exported and made readily accessible on his server. Belan allegedly stole the user data and the encrypted passwords of millions of accounts and then negotiated the sales of the databases.
- Carlos Enrique Perez-Melara is wanted for his alleged involvement in manufacturing spyware which was used to intercept the private communications of hundreds, if not thousands, of victims. As part of the scheme, Perez-Melara ran a website offering customers a way to “catch a cheating lover” by sending spyware masqueraded as an electronic greeting card. Victims who opened the greeting card would unwittingly install a program onto their computers. The program collected keystrokes and other incoming and outgoing electronic communications on the victims’ computers.
- On May 1, 2014, a grand jury in the Western District of Pennsylvania indicted five members of the People’s Liberation Army including Sun Kailiang of the People’s Republic of China for 31 criminal counts, including: conspiring to commit computer fraud; accessing a computer without authorization for the purpose of commercial advantage and private financial gain; damaging computers through the transmission of code and commands; aggravated identity theft; economic espionage; and theft of trade secrets. Sun, who held the rank of captain during the early stages of the investigation, was observed both sending malicious e-mails and controlling victim computers.
Check out these other hot stories: