This briefing will highlight the most recent expansion of the tools of the Syrian Electronic Army (SEA), which are now known to include an entire mobile surveillanceware family (SilverHawk). This is the first time a family of mobile surveillanceware has been directly attributed to the SEA with high certainty, highlighting a new stage in the group's technical evolution. To date, SilverHawk has been identified in over 30 trojanized versions of many well known apps, including Telegram, WhatsApp, Microsoft Word, YouTube, and the Guardian Project's Chat Secure app. We'll take a look at the SEA's past notable activities, but primarily dive into SilverHawk's capabilities, as well as the significance of the group's ability to develop this toolset. Additionally, we'll explain how we attributed and tied infrastructure to one of the SEA's most high profile hackers, known as th3pro, who is currently on the FBI Cyber's Most Wanted list.