Syrian Electronic Army revealed: Anonymous hacks SEA website, dumps data

GlobalPost

As the United States and other world powers continue to debate a possible military intervention in Syria, the hacker collective Anonymous has gone ahead with its own intervention, taking on its Syrian counterpart — the Syrian Electronic Army.

It's a shadow war happening online between two amorphous, grassroots groups. And Anonymous dealt the first blow.

Last week, Anons began releasing data they stole in April after infiltrating a server used by the Syrian Electronic Army. Over the weekend, someone began dumping it all on the so-called "deep web," a portion of the internet that isn't accessible by traditional browsers or search engines. 

While the Syrian Electronic Army is mostly made up of supporters of Syrian President Bashar al-Assad and may receive some material support from the regime, the organization does not appear to have any official relationship the government, something that appears to be confirmed in the data leaked by Anonymous. The Syrian Electronic Army has claimed several high-profile security breaches recently, including hacks on the websites of the New York Times, the Washington Post and the US Marine Corps.

Anons said the data released identifies the Syrian Electronic Army's core leadership, their methods, personal emails, usernames and passwords used by its members.

“I imagine them as an Assad cronies’ notion of the Chinese Cyber Army, on a shoestring budget,” one Anonymous member, involved in the analysis of the data, told GlobalPost. 

More from GlobalPost: Anonymous to FBI: You don't scare us 

The leaked data identified five core leaders — two of which reside inside Syria, according to Anons involved with analyzing the data. Those key leaders include hackers using the nom de guerre The Shadow, The Pro, Syrian_34g13 and vict0r.

Syrian Electronic Army members, however, deny that their website had been accessed and their members identified. In an interview with Mashable, an individual operating a Twitter acount believed to be associated with the Syrians said the names "Hatem Deeb" and "Mohammed Abd al-Karim," released by Anonymous and published by former Washington Post reporter Brian Krebs, were not the leaders of the organization. 

“The story has been the source of amusement and laughter for all of us. Neither Hatem Deeb nor Mohammed Osman are hackers, but are both friends of ours that they are trying to intimidate in order to blackmail us. What they're doing is actually illegal and irresponsible, they even posted a photograph of a random guy that none of us could identify and called him the leader of the SEA,” the individual said.

An NBC news reporter, however, claimed to have further proof after discovering an article written in Syrian newspaper al-Wihda identifying Deeb as the founder of the Syrian Electronic Army.

More from GlobalPost: Greenwald v. the UK: Anonymous Strikes Back 

It's difficult to prove one way or another, which is often the case in the shadowy world of online hackery. Among the data collected by anonymous is a large number of user accounts for the Syrian Electronic Army's website. But while many of these users support the organization, it is doubtful that many of them possess the skills necessary to carry off the Syrian Electronic Army's high-profile attacks.

The leaked data did appear to give some insight into the group's skill as a hacker collective. Much of the information indicated that the organization uses relatively unsophisticated — but effective — methods to infiltrate their targets. In most of their security breaches, it used Trojans distributed through spear phishing emails. This apparent lack of sophistication contradicts the common perception that the Syrian Electronic Army is made up of coding prodigies and masterful malware architects. 

While Anonymous first accessed the data on April 19, it only released it last week, after accusations that the Assad government had launched a chemical weapons attack on its own people, and world powers publicly debated the merits of military intervention.

The timing raised some questions. A Washington Times article that detailed the capabilities of pro-Assad hackers, may have been the catalyst for the information dump. The article argued that a US strike against the Syrian regime could spark retaliatory cyberattacks against the West, carried out by the Syrian Electronic Army.

The article was circulated widely among Anons involved in the data analysis. And, shortly after its the Washington Times piece, the data was made publicly available on the deep web.

More from GlobalPost: Web-wide fears follow Tor browser exploit

Sign up for our daily newsletter

Sign up for The Top of the World, delivered to your inbox every weekday morning.