An alleged computer hacker working on behalf of the Syrian regime appeared in a Virginia federal court Tuesday to face charges relating to unauthorized computer intrusions and violating sanctions against Syria, according to the Department of Justice.
Peter Romar, a Syrian citizen residing in Waltershausen, Germany, was extradited to the U.S. Monday night after the FBI said it found evidence of him being a “skilled computer hacker” involved in a number of computer intrusions for monetary gain and “in support of the Syrian regime and to punish perceived detractors of Syrian president Bashar al-Assad,” according to court documents.
U.S. marshals escorted Romar, wearing a gray T-shirt, blue jeans and tennis shoes without laces, unrestrained into court. An interpreter accompanied Romar, who greeted the judge in Arabic, then listened intently to the instructions from the bench, which were translated to him as he shook his head in agreement.
When asked by the judge if the defendant had any questions, Romar leaned over to his interpreter and whispered in his ear while beginning to sob. Translating his request, the interpreter informed the court that Romar hoped to be able to call his wife as soon as possible, claiming that she had been diagnosed with terminal cancer and “will die soon,” the translator said. The judge agreed to appoint Romar a public defender quickly to try to facilitate an international call from the facility where he is being held.
Charges were brought against Romar in March, as well as against Firas Dardar, whom the government characterizes as a “notorious member of the Special Operations Division of the SEA” that often disseminates pro-Assad propaganda, court documents say. Dardar and another notorious Syrian Electronic Army figure known as “Th3 Pr0” are alleged to be behind massive computer intrusions into Harvard University, NASA, Human Rights Watch, Microsoft and countless media organizations that would “redirect legitimate Internet traffic, deface and alter website text, and send messages using the victim’s accounts,” according to court documents.
Dardar, from Homs, Syria, is still believed to be in his home country, where che allegedly carried out many high profile computer intrusions and is still wanted by law enforcement on charges of “hacking for monetary gain” through the use of extortion and blackmail, according to the FBI. He would sometimes “tout his SEA affiliation,” according to the FBI, including one instance where just the threat of being targeted by the hacking group was enough to extort one company.
Romar was introduced to Dardar, according to court documents, by “Th3 Pr0,” who instructed Dardar to help Romar with whatever he needed. The two Syrians are accused of then conspiring to hack valuable information for use in the extortion of companies and individuals, with Romar acting as a middleman to “transmit the extortion processed from victim companies to Syria,” which violates U.S. sanctions against Syria, according to court documents.
Through court-authorized search warrants, FBI agents were able to access email and social media accounts of Romar and Dardar, which the U.S. says revealed communication between the two that outlined their alleged hacking and extortion conspiracy as far back as late 2013 and found documents of records from bank accounts used in the extortion attempts in the defendants’ real names.
Romar was remanded to the custody of U.S. marshals pending a probable cause and bond hearing later this week. He faces up to 75 years in prison.