nationalsecuritylaw United States v. Medina (S.D. Fla. May 2, 2016) (charges in synagogue bomb-plot case)

May 2, 2016

Details from the press release below:

WASHINGTON – James Gonzalo Medina, 40, of Hollywood, Florida, was charged Saturday by criminal complaint with attempting to use a weapon of mass destruction – an explosive device – at a synagogue in Aventura, Florida.

Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Wifredo A. Ferrer of the Southern District of Florida and Special Agent in Charge George L. Piro of the FBI’s Miami Division made the announcement.

The arrest was the culmination of an undercover operation during which Medina was closely monitored by the South Florida Joint Terrorism Task Force (JTTF). The explosive device that he allegedly sought and attempted to use had been rendered inoperable by law enforcement and posed no threat to the public.

According to allegations contained in the complaint, in March 2016, Medina came to the attention of the FBI due to his conversations about attacking a synagogue in South Florida. The FBI was able to gauge Medina’s interest in the plot and collect evidence through the use of a confidential human source (CHS). Medina expressed anti-Semitic views and identified to the CHS the target of his attack, a Jewish synagogue in Aventura.

The complaint further alleges that Medina wanted to use an explosive device to commit the attack and engaged the CHS and an undercover FBI employee about the details of his planned criminal conduct. In preparation for the proposed attack, Medina studied the synagogue property to assess its vulnerabilities. On April 29, 2016, Medina took possession of an inert explosive device and was arrested while approaching the synagogue. Medina was under FBI surveillance and, once the FBI became involved, it worked to effectively mitigate any danger posed to the public.

A complaint is only an accusation and a defendant is presumed innocent unless and until proven guilty in a court of law. If convicted, Medina faces a maximum sentence of life in prison.

The case was investigated by the FBI’s Miami Division and the South Florida JTTF. The case is being prosecuted by Assistant U.S. Attorneys Karen E. Gilbert and Marc S. Anton of the Southern District of Florida, and Trial Attorney Taryn Meeks of the National Security Division’s Counterterrorism Section.


nationalsecuritylaw United States v. Cheibani (E.D.N.Y. Apr. 26, 2016) (25-year sentence for attack on US diplomat in Mali)

April 26, 2016

From DOJ’s press release:

WASHINGTON – Alhassane Ould Mohamed, aka Cheibani, 46, a citizen of Mali, was sentenced to 25 years in prison in the Eastern District of New York for conspiring to murder a U.S. diplomat stationed in Niamey, Niger, in December 2000.

The sentence was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Robert L. Capers of the Eastern District of New York and Assistant Director in Charge Diego Rodriguez of the FBI New York Field Office.

According to court filings and facts presented during the plea proceeding, in the early morning hours of Dec. 23, 2000, Mohamed and a co-conspirator accosted a group of employees of the U.S. Embassy in Niger as they left a restaurant in Niamey. Carrying a pistol and an AK-47 assault rifle, the two men approached U.S. diplomat William Bultemeier as he was about to enter his car, a white sport-utility vehicle bearing diplomatic license plates clearly indicating that it belonged to the U.S. Embassy. After demanding that Bultemeier turn over the keys to the diplomatic vehicle, the defendant and his co-conspirator shot Bultemeier and Staff Sergeant Christopher McNeely, the Marine Detachment Commander for the U.S. Embassy in Niger at the time, who had run to Bultemeier’s aid. Mohamed and his fellow assailant then drove away in the U.S. Embassy vehicle.

Bultemeier died of the injuries inflicted by the gunshot wounds. Staff Sergeant McNeely survived the shooting and later retired from the Marine Corps as a Master Sergeant.

“The defendant and his confederate murdered U.S. diplomat William Bultemeier in cold blood and seriously injured U.S. Marine Staff Sergeant Christopher McNeely, who bravely risked his life to attempt to save his colleague,” said U.S. Attorney Capers. “Although nothing can undo the pain caused by the defendant’s violent actions, we hope the victims’ families can take some measure of solace in knowing that the defendant is being held accountable for the senseless murder of Mr. Bultemeier and the attack on Staff Sergeant McNeely. The United States takes the protection of its employees stationed overseas very seriously and will continue to work tirelessly to bring those who harm our diplomats to justice.”

“Over the past 16 years, Cheibani evaded full accountability for his murderous actions in taking the life of a U.S. Diplomat,” said Assistant Director in Charge Rodriguez. “U.S. employees working overseas understand there are certain risks in representing their government in foreign territories; however, a death sentence should not be one of them. We are extremely grateful to the governments of Niger and Mali, in helping U.S. authorities seek justice for Cheibani’s crime. FBI New York’s Joint Terrorism Task Force, along with the U.S. Attorney’s Office, conducted a thorough investigation and collected the necessary evidence to substantiate today’s sentence. Our condolences to the family of Mr. Bultemeier and the families of all crime victims. FBINY will continue to work, day and night, to hold those accountable for their crimes, and prevent acts of terror against our citizens, both domestically and abroad.”

The sentencing took place before U.S. District Judge William F. Kuntz II of the Eastern District of New York.

Assistant Attorney General Carlin joined U.S. Attorney Capers in expressing their sincere gratitude to the members of the FBI’s Joint Terrorism Task Force for their thorough investigation, to the Department of State’s Diplomatic Security Service for the assistance they provided and to the governments of Niger and Mali for their substantial assistance and cooperation in connection with this investigation. The Department of Justice’s Office of International Affairs also provided significant assistance. The case is being prosecuted by Assistant U.S. Attorneys Zainab Ahmad, Margaret Lee and Melody Wells of the Eastern District of New York with assistance provided by Trial Attorney Jennifer Levy of the National Security Division’s Counterterrorism Section.

# # #

16-495

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.


nationalsecuritylaw United States v. Wright (D. Mass. April 21, 2016) (superseding indictment in ISIL-related terrorism case)

April 23, 2016

The press release appears below, and the superseding indictment is attached.

WASHINGTON – Today, David Daoud Wright, aka Dawud Sharif Abdul Khaliq, aka Dawud Sharif Abdul Khaliq, 26, of Everett, Massachusetts, and Nicholas Alexander Rovinski, aka Nuh Amriki, aka Nuh Andalusi, 25, of Warwick, Rhode Island, were charged in a superseding indictment with conspiracy to commit acts of terrorism transcending national boundaries.

The announcement was made by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Carmen M. Ortiz of the District of Massachusetts and Special Agent in Charge Harold H. Shaw of the FBI’s Boston Division.

This charge, as well as additional conspiracy allegations, were included in a new superseding indictment against Wright and Rovinski today. A grand jury in June 2015, charged them with conspiracy to provide material support to the Islamic State of Iraq and the Levant (ISIL). The indictment also charged Wright with conspiracy to obstruct justice and obstruction of justice.

Wright and Rovinski are charged with conspiring with each other, known and unknown conspirators, and Usaamah Abdullah Rahim, 26, Wright’s uncle, to provide material support to ISIL and commit acts of terrorism that transcended national boundaries. On June 2, 2015, Rahim was shot and killed after he attacked law enforcement officers in a Roslindale, Massachusetts, parking lot.

The superseding indictment alleges that, beginning in at least February 2015, Wright began discussing ISIL’s call to kill non-believers in the United States with Rahim and Rovinski and they began plotting and recruiting members for their “martyrdom” operation. In March 2015, Wright drafted organizational documents for a “Martyrdom Operations Cell” and conducted Internet search queries about firearms, the effectiveness of tranquilizers on human subjects and the establishment of secret militias in the United States. Simultaneously, Rahim was communicating with ISIL members overseas, including Junaid Hussain. On Aug. 24, 2015, Hussain was killed in an airstrike in Raqqah, Syria.

As alleged in the indictment, beginning in or about May 2015, Hussain allegedly communicated directly with Rahim. Rahim in turn communicated Hussain’s instructions to Wright, with regard to the murder of an individual residing in New York. Wright, Rovinski and Rahim each allegedly conspired to commit attacks and kill persons inside the United States on behalf of ISIL. In preparation for their attack, Rovinski conducted research on weapons that could be used to behead their victims. Since being arrested, Rovinski has sought to continue their planned attacks and has written letters to Wright from prison discussing ways to take down the U.S. government and decapitate non-believers.

The charge of conspiracy to provide material support provides a maximum sentence of 20 years in prison, a lifetime term of supervised release and a $250,000 fine; conspiracy to obstruct justice provides a maximum sentence of five years in prison, three years of supervised release and a $250,000 fine; obstruction of justice provides a maximum sentence of 20 years in prison, three years of supervised release and a $250,000 fine; conspiracy to commit acts of terrorism transcending national boundaries provides a maximum sentence of life in prison, lifetime supervised release and a $250,000 fine. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and other statutory factors.

This investigation is being conducted by the Boston Joint Terrorism Task Force (JTTF) and the Rhode Island JTTF with critical assistance from the Boston Police Department; Boston Regional Intelligence Center; Massachusetts State Police; Commonwealth Fusion Center; Everett Police Department; U.S. Immigration and Customs Enforcement’s Homeland Security Investigations; Rhode Island State Police; Warwick, Rhode Island, Police Department; Rhode Island Fusion Center; Naval Criminal Investigative Service; and member agencies of the JTTF.

The case is being prosecuted by Assistant U.S. Attorney B. Stephanie Siegmann of the District of Massachusetts’s National Security Unit and Trial Attorney Greg R. Gonzalez of the National Security Division’s Counterterrorism Section.

The details contained in the charging documents are allegations. The defendants are presumed to be innocent unless and until proven guilty beyond a reasonable doubt in the court of law.

# # #

16-480

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

Wright Indictment.pdf


nationalsecuritylaw United States v. Young (D. Miss. Mar. 29, 2016) (guilty plea in ISIL material support case)

March 29, 2016

The plea agreement is attached. Press release below:

WASHINGTON – Jaelyn Delshaun Young, 20, of Starkville, Mississippi, pleaded guilty today in the Northern District of Mississippi to conspiring to provide material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization.

The plea was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Felicia C. Adams of the Northern District of Mississippi and Special Agent in Charge Donald Alway of the FBI’s Jackson, Mississippi, Division.

Young pleaded guilty before Chief U.S. District Judge Sharion Aycock of the Northern District of Mississippi to conspiring with Muhammad Oda Dakhlalla to provide material support to ISIL. Dakhlalla pleaded guilty to the same charge on March 13, 2016. Young was remanded to the custody of the U.S. Marshals Service to await sentencing, which will be scheduled at a later date.

The investigation was conducted by the FBI’s Jackson Division Joint Terrorism Task Force and the Washington Field Office. The case is being prosecuted by Assistant U.S. Attorneys Clay Joyner and Bob Norman of the Northern District of Mississippi and Trial Attorney Rebecca Magnone of the National Security Division’s Counterterrorism Section.

Young Plea Agreement.pdf


nationalsecuritylaw United States v. Mohamed (EDNY Mar. 24, 2016) (guilty plea for murder of US diplomat in Mali)

March 24, 2016

DOJ’s press release:

WASHINGTON – Alhassane Ould Mohamed, aka Cheibani, 46, a citizen of Mali, pleaded guilty in the Eastern District of New York to conspiring to murder a U.S. diplomat stationed in Niamey, Niger, in December 2000.

The guilty plea was announced by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Robert L. Capers of the Eastern District of New York and Assistant Director in Charge Diego Rodriguez of the FBI New York Field Office.

According to court filings and facts presented during the plea proceeding, in the early morning hours of Dec. 23, 2000, Mohamed and a co-conspirator accosted a group of employees of the U.S. Embassy in Niger as they left a restaurant in Niamey. Carrying a pistol and an AK-47 assault rifle, the two men approached Department of Defense official William Bultemeier as he was about to enter his car, which displayed diplomatic license plates clearly indicating that it belonged to the U.S. Embassy. After demanding that Bultemeier turn over the keys to the diplomatic vehicle, the defendant and his co-conspirator shot Bultemeier and Staff Sergeant Christopher McNeely, the Marine Detachment Commander for the U.S. Embassy in Niger at the time, who had run to Bultemeier’s aid. Mohamed and his fellow assailant then drove away in the U.S. Embassy vehicle.

Bultemeier died of the injuries inflicted by the gunshot wounds. Staff Sergeant McNeely survived the shooting and later retired from the Marine Corps as a Master Sergeant.

Today’s plea took place before U.S. District Judge William F. Kuntz II of the Eastern District of New York. At sentencing on April 26, 2016, as part of the agreement, the defendant faces an agreed-upon sentence of 25 years in prison.

The case is being prosecuted by Assistant U.S. Attorneys Zainab Ahmad, Margaret Lee and Melody Wells of the Eastern District of New York with assistance provided by Trial Attorney Jennifer Levy of the National Security Division’s Counterterrorism Section.


nationalsecuritylaw United States v. Fathi et al (SDNY Mar. 24, 2016) (indicting Iranians for DDOS campaign)

March 24, 2016

Interesting to see this, hot on heels of the indictment of the Free Syrian Army hackers. I know, I said I’d only be using the list to post CT cases, but I can’t resist noting the national security-related cyberstuff. The NSD Counterintelligence and Export Control Section is certainly getting interesting on this front.

The indictment is attached, and the press release appears below:

WASHINGTON – A grand jury in the Southern District of New York indicted seven Iranian individuals who were employed by two Iran-based computer companies, ITSecTeam (ITSEC) and Mersad Company (MERSAD), that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps, on computer hacking charges related to their involvement in an extensive campaign of over 176 days of distributed denial of service (DDoS) attacks.

Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, aka Nitr0jen26, 23; Omid Ghaffarinia, aka PLuS, 25; Sina Keissar, 25; and Nader Saedi, aka Turk Server, 26, launched DDoS attacks against 46 victims, primarily in the U.S financial sector, between late 2011 and mid-2013. The attacks disabled victim bank websites, prevented customers from accessing their accounts online and collectively cost the victims tens of millions of dollars in remediation costs as they worked to neutralize and mitigate the attacks on their servers. In addition, Firoozi is charged with obtaining unauthorized access into the Supervisory Control and Data Acquisition (SCADA) systems of the Bowman Dam, located in Rye, New York, in August and September of 2013.

The indictment was announced today by Attorney General Loretta E. Lynch, Director James B. Comey of the FBI, Assistant Attorney General for National Security John P. Carlin and U.S. Attorney Preet Bharara of the Southern District of New York.

“In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” said Attorney General Lynch. “Through the work of our National Security Division, the FBI, and U.S. Attorney’s Offices around the country, we will continue to pursue national security cyber threats through the use of all available tools, including public criminal charges. And as today’s unsealing makes clear, individuals who engage in computer hacking will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law.”

“The FBI will find those behind cyber intrusions and hold them accountable — wherever they are, and whoever they are,” said Director Comey. “By calling out the individuals and nations who use cyber attacks to threaten American enterprise, as we have done in this indictment, we will change behavior.”

“Like past nation state-sponsored hackers, these defendants and their backers believed that they could attack our critical infrastructure without consequence, from behind a veil of cyber anonymity,” said Assistant Attorney General Carlin. “This indictment once again shows there is no such veil – we can and will expose malicious cyber hackers engaging in unlawful acts that threaten our public safety and national security.”

“The charges announced today respond directly to a cyber-assault on New York, its institutions and its infrastructure,” said U.S. Attorney Bharara. “The alleged onslaught of cyber-attacks on 46 of our largest financial institutions, many headquartered in New York City, resulted in hundreds of thousands of customers being unable to access their accounts and tens of millions of dollars being spent by the companies trying to stay online through these attacks. The infiltration of the Bowman Avenue dam represents a frightening new frontier in cybercrime. These were no ordinary crimes, but calculated attacks by groups with ties to Iran’s Islamic Revolutionary Guard and designed specifically to harm America and its people. We now live in a world where devastating attacks on our financial system, our infrastructure and our way of life can be launched from anywhere in the world, with a click of a mouse. Confronting these types of cyber-attacks cannot be the job of just law enforcement. The charges announced today should serve as a wake-up call for everyone responsible for the security of our financial markets and for guarding our infrastructure. Our future security depends on heeding this call.”

According to the indictment unsealed today in federal court in New York City:

DDoS Attacks

The DDoS campaign began in approximately December 2011, and the attacks occurred only sporadically until September 2012, at which point they escalated in frequency to a near-weekly basis, between Tuesday and Thursdays during normal business hours in the United States. On certain days during the campaign, victim computer servers were hit with as much as 140 gigabits of data per second and hundreds of thousands of customers were cut off from online access to their bank accounts.

Fathi, Firoozi and Shokohi were responsible for ITSEC’s portion of the DDoS campaign against the U.S. financial sector and are charged with one count of conspiracy to commit and aid and abet computer hacking. Fathi was the leader of ITSEC and was responsible for supervising and coordinating ITSEC’s portion of the DDoS campaign, along with managing computer intrusion and cyberattack projects being conducted for the government of Iran. Firoozi was the network manager at ITSEC and, in that role, procured and managed computer servers that were used to coordinate and direct ITSEC’s portion of the DDoS campaign. Shokohi is a computer hacker who helped build the botnet used by ITSEC to carry out its portion of the DDoS campaign and created malware used to direct the botnet to engage in those attacks. During the time that he worked in support of the DDoS campaign, Shokohi received credit for his computer intrusion work from the Iranian government towards his completion of his mandatory military service requirement in Iran.

Ahmadzadegan, Ghaffarinia, Keissar and Saedi were responsible for managing the botnet used in MERSAD’s portion of the campaign, and are also charged with one count of conspiracy to commit and aid and abet computer hacking. Ahmadzadegan was a co-founder of MERSAD and was responsible for managing the botnet used in MERSAD’s portion of the DDoS campaign. He was also associated with Iranian hacking groups Sun Army and the Ashiyane Digital Security Team (ADST), and claimed responsibility for hacking servers belonging to the National Aeronautics and Space Administration (NASA) in February 2012. Ahmadzadegan has also provided training to Iranian intelligence personnel. Ghaffarinia was a co-founder of MERSAD and created malicious computer code used to compromise computer servers and build MERSAD’s botnet. Ghaffarinia was also associated with Sun Army and ADST, and has also claimed responsibility for hacking NASA servers in February 2012, as well as thousands of other servers in the United States, the United Kingdom and Israel. Keissar procured computer servers used by MERSAD to access and manipulate MERSAD’s botnet, and also performed preliminary testing of the same botnet prior to its use in MERSAD’s portion of the DDoS campaign. Saedi was an employee of MERSAD and a former Sun Army computer hacker who expressly touted himself as an expert in DDoS attacks. Saedi wrote computer scripts used to locate vulnerable servers to build the MERSAD botnet used in its portion of the DDoS campaign.

For the purpose of carrying out the attacks, each group built and maintained their own botnets, which consisted of thousands of compromised computer systems owned by unwitting third parties that had been infected with the defendants’ malware, and subject to their remote command and control. The defendants and/or their unindicted co-conspirators then sent orders to their botnets to direct significant amounts of malicious traffic at computer servers used to operate the websites for victim financial institutions, which overwhelmed victim servers and disabled them from customers seeking to legitimately access the websites or their online bank accounts. Although the DDoS campaign caused damage to the financial sector victims and interfered with their customers’ ability to do online banking, the attacks did not affect or result in the theft of customer account data.

DDoS Botnet Remediation

Since the attacks, the Department of Justice and the FBI have worked together with the private sector to effectively neutralize and remediate the defendants’ botnets. Specifically, through approximately 20 FBI Liaison Alert System (FLASH) messages, the FBI regularly provided updated information collected from the investigation regarding the identity of systems that been infected with the defendants’ malware and operating as bots within the malicious botnets. In addition, the FBI conducted extensive direct outreach to Internet service providers responsible for hosting systems that have been infected with the defendants’ malware to provide them information and assistance in removing the malware to protect their customers and other potential victims of the defendants’ unlawful cyber activities. Through these outreach efforts and the cooperation of the private sector, over 95 percent of the known part of the defendants’ botnets have been successfully remediated.

Bowman Dam Intrusion

Between Aug. 28, 2013, and Sept. 18, 2013, Firoozi repeatedly obtained unauthorized access to the SCADA systems of the Bowman Dam, and is charged with one substantive count of obtaining and aiding and abetting computer hacking. This unauthorized access allowed him to repeatedly obtain information regarding the status and operation of the dam, including information about the water levels, temperature and status of the sluice gate, which is responsible for controlling water levels and flow rates. Although that access would normally have permitted Firoozi to remotely operate and manipulate the Bowman Dam’s sluice gate, Firoozi did not have that capability because the sluice gate had been manually disconnected for maintenance at the time of the intrusion.

Remediation for the Bowman Dam intrusion cost over $30,000.

* * *

All seven defendants face a maximum sentence of 10 years in prison for conspiracy to commit and aid and abet computer hacking. Firoozi faces an additional five years in prison for obtaining and aiding and abetting unauthorized access to a protected computer at the Bowman Dam.

An indictment is merely an accusation and all defendants are presumed innocent unless proven guilty in a court of law.

The case was investigated by the FBI, including the Chicago; Cincinnati; New York; Newark, New Jersey; Phoenix; and San Francisco Field Offices. This case is being prosecuted by Assistant U.S. Attorney Timothy T. Howard of the Southern District of New York, with the substantial assistance of Deputy Chief Sean M. Newell of the National Security Division’s Counterintelligence and Export Control Section.

Fathi et al Indictment.pdf


nationalsecuritylaw United States v. Agha et al. (EDVA) (hacking charges, and lots more, vs Syrian Electronic Army)

March 23, 2016

And now for something quite different…the attached complaints and press release below describe some fascinating charges (attempting to cause a mutiny!) in relation to members of the so-called Syrian Electronic Army (at least some of whom are in Syria, it seems). Details:

WASHINGTON – Three Syrian nationals, all current or former members of the Syrian Electronic Army (SEA), were charged with multiple conspiracies related to computer hacking, according to two criminal complaints unsealed today in the U.S. District Court of the Eastern District of Virginia.

The announcement was made by Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Dana J. Boente of the Eastern District of Virginia, Assistant Director James Trainor of the FBI’s Cyber Division and Assistant Director in Charge Paul M. Abbate of the FBI’s Washington Field Office.

Ahmad Umar Agha, 22, known online as “The Pro,” and Firas Dardar, 27, known online as “The Shadow,” were charged with a criminal conspiracy relating to: engaging in a hoax regarding a terrorist attack; attempting to cause mutiny of the U.S. armed forces; illicit possession of authentication features; access device fraud; unauthorized access to, and damage of, computers; and unlawful access to stored communications. Dardar and Peter Romar, 36, also known as Pierre Romar, were separately charged with multiple conspiracies relating to: unauthorized access to, and damage of, computers and related extortionate activities; receiving the proceeds of extortion; money laundering; wire fraud; violations of the Syrian Sanctions Regulations; and unlawful interstate communications. The court has issued arrest warrants for all three defendants.

According to allegations in the first complaint, beginning in or around 2011, Agha and Dardar engaged in a multi-year criminal conspiracy under the name “Syrian Electronic Army” in support of the Syrian Government and President Bashar al-Assad. The conspiracy was dedicated to spear-phishing and compromising the computer systems of the U.S. government, as well as international organizations, media organizations and other private-sector entities that the SEA deemed as having been antagonistic toward the Syrian Government. When the conspiracy’s spear-phishing efforts were successful, Agha and Dardar would allegedly use stolen usernames and passwords to deface websites, redirect domains to sites controlled or utilized by the conspiracy, steal email and hijack social media accounts. For example, starting in 2011, the conspirators repeatedly targeted computer systems and employees of the Executive Office of the President (EOP). Despite these efforts, at no time was an EOP account or computer system successfully compromised. Additionally, in April 2013, a member of the conspiracy compromised the Twitter account of a prominent media organization and released a tweet claiming that a bomb had exploded at the White House and injured the President. In a later 2013 intrusion, through a third-party vendor, the conspirators gained control over a recruiting website for the U.S. Marine Corps and posted a defacement encouraging U.S. marines to “refuse [their] orders.”

Today, the FBI announced that it is adding Agha and Dardar to its Cyber Most Wanted and offering a reward of $100,000 for information that leads to their arrest. Both individuals are believed to be residing in Syria. Anyone with information is asked to contact their nearest FBI field office or U.S. Embassy or consulate.

According to allegations in the second complaint, beginning in or around 2013, SEA members Dardar and Romar engaged in multiple conspiracies dedicated to an extortion scheme that involved hacking online businesses in the United States and elsewhere for personal profit. Specifically, the complaint alleges that the conspiracy would gain unauthorized access to the victims’ computers and then threaten to damage computers, delete data or sell stolen data unless the victims provided extortion payments to Dardar and/or Romar. In at least one instance, Dardar attempted to use his affiliation with the SEA to instill fear into his victim. If a victim could not make extortion payments to the conspiracy’s Syrian bank accounts due to the Syrian Sanctions Regulations or other international sanctions regulations, Romar would act as an intermediary in an attempt to evade those sanctions.

“The Syrian Electronic Army publicly claims that its hacking activities are conducted in support of the embattled regime of Syrian President Bashar al-Assad,” said Assistant Attorney General Carlin. “While some of the activity sought to harm the economic and national security of the United States in the name of Syria, these detailed allegations reveal that the members also used extortion to try to line their own pockets at the expense of law-abiding people all over the world. The allegations in the complaint demonstrate that the line between ordinary criminal hackers and potential national security threats is increasingly blurry.”

“The tireless efforts of U.S. prosecutors and our investigative partners have allowed us to identify individuals who have been responsible for inflicting damage on U.S. government and private entities through computer intrusions,” said U.S. Attorney Boente. “Today’s announcement demonstrates that we will continue to pursue these individuals no matter where they are in the world.”

“Cybercriminals cause significant damage and disruption around the world, often under the veil of anonymity,” said Assistant Director Trainor. “As this case shows, we will continue to work closely with our partners to identify these individuals and bring them to justice, regardless of where they are.”

“These three members of the Syrian Electronic Army targeted and compromised computer systems in order to provide support to the Assad regime as well as for their own personal monetary gain through extortion,” said Assistant Director in Charge Abbate. “As a result of a thorough cyber investigation, FBI agents and analysts identified the perpetrators and now continue to work with our domestic and international partners to ensure these individuals face justice in the United States. I want to thank the dedicated FBI personnel, federal prosecutors, and our law enforcement partners for their tremendous efforts to ensure on-line criminal activity is countered, U.S. cyber infrastructure is safeguarded, and violators are held accountable under the law.”

The case is being investigated by the FBI’s Washington Field Office, with assistance from the NASA Office of the Inspector General, Department of State Bureau of Diplomatic Security and other law enforcement agencies. The case is being prosecuted by Assistant U.S. Attorneys Jay V. Prabhu and Maya D. Song of the Eastern District of Virginia, and Special Assistant U.S. Attorney Brandon Van Grack and Trial Attorneys Scott McCulloch and Nathan Charles of the National Security Division’s Counterintelligence and Export Control Section.

# # #

16-329

DO NOT REPLY TO THIS MESSAGE. IF YOU HAVE QUESTIONS, PLEASE USE THE CONTACTS IN THE MESSAGE OR CALL THE OFFICE OF PUBLIC AFFAIRS AT 202-514-2007.

Agha and Dardar Complaint.pdf

Romar and Dardar Complaint.pdf


Follow

Get every new post delivered to your Inbox.

Join 192 other followers