Introduction
The Syrian Electronic Army (SEA) is a group of computer hackers which first surfaced online in 2011 to support the government of Syrian President Bashar al-Assad. Using spamming, website defacement, malware, phishing, and denial of service attacks, it has targeted political opposition groups, western news organizations, human rights groups and websites that are seemingly neutral to the Syrian conflict. It has also hacked government websites in the Middle East and Europe, as well as US defense contractors. As of 2011 the SEA has been the first Arab country to have a public Internet Army hosted on its national networks to openly launch cyber attacks on its enemies. The precise nature of SEAβs relationship with the Syrian government has changed over time and is unclear
Activities and Tactics
Targeted Sectors: Country, Defense, Opposition, Political party, News - Media, Government, Administration
Country of Origin: π³οΈ Syria
Risk Level: High
Notable Campaigns
Information pending cataloguing.
Tactics, Techniques, and Procedures (TTPs)
Information pending cataloguing.
Notable Indicators of Compromise (IOCs)
No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.
Malware and Tools
- CyberGate
- Cyber Eye RAT
- SeANux: Sea Shell (Basic Web Shell):
- Executer Webshell:
Attribution and Evidence
Country of Origin: Syria Additional attribution information pending cataloguing.
References
References pending cataloguing.
Recent News
Latest articles from security news feeds mentioning this actor.
- DuckDuckGo installs are up 30% as users reject being βforce-fedβ Googleβs AI Search TechCrunch - 2026-05-26T