A 19-YEAR-OLD MEMBER of hacking group Apophis Squad has been arrested by British cops.
George Duke-Cohan from Watford, who uses the aliases '7R1D3N7', ‘DoubleParalla' and ‘optcz1', was identified after the criminal group launched a series of DDoS attacks on Swiss-based encrypted email and VPN provider ProtonMail in June.
Writing on the ProtonMail blog, CEO Andy Yen said that a team of security researchers had assisted the firm in investigating those responsible for the attacks.
"Our security team began to investigate Apophis Squad almost immediately after the first attacks were launched. In this endeavour, we were assisted by a number of cybersecurity professionals who are also ProtonMail users," he said.
"It turns out that despite claims by Apophis Squad that federal authorities would never be able to find them, they themselves did not practice very good operational security. In fact, some of their own servers were breached and exposed online."
Yen did not go into details about how Duke-Cohan was 'conclusively' identified, save to say that "intelligence provided by a trusted source" played a part.
The group attacked ProtonMail in June, apparently on a whim, but the attacks intensified after CTO Bart Butler responded to a tweet from the group, saying "we're back you clowns". Apophis Squad also attacked Tutanota, another encrypted email provider.
Users of ProtonMail email and VPN services saw them briefly disrupted, but "due to the efforts of Radware, F5 Networks, and our infrastructure team, we were able keep service disruptions to a minimum," Yen said.
As a member of Apophis Squad, Duke-Cohan was also involved in making hoax bomb threats to schools and colleges and airlines which saw 400 educational facilities in the UK and USA evacuated and a United Airlines flight grounded in San Francisco in March.
He pleaded guilty in Luton Magistrates Court to three counts of making bomb threats and is due to appear before Luton Crown Court on September 21 to face further charges. He also faces possible extradition to the US.
Marc Horsfall, senior investigating officer at the National Crime Agency said: "George Duke-Cohan made a series of bomb threats that caused serious worry and inconvenience to thousands of people, not least an international airline. He carried out these threats hidden behind a computer screen for his own enjoyment, with no consideration for the effect he was having on others."
Duke-Cohan's parents have said he was "groomed" by "serious people" online through playing the game Minecraft. Apophis Squad is thought to be based in Russia.
ProtonMail's Yen said other attackers have also been identified and the authorities notified.
"We will investigate to the fullest extent possible anyone who attacks ProtonMail or uses our platform for crime. We will also cooperate with law enforcement agencies within the framework of Swiss law," he said. µ
The week in Google in brief
Sega hedgehogging its bets
And not a purple duck in sight