A teen hacker who was arrested earlier this week was identified by his email provider after he decided to DDoS the firm.
George Duke-Cohan, 19, pleaded guilty at Luton Magistrates Court this week to three counts of making hoax bomb threats.
Also known by the online monikers “7R1D3N7,” “DoubleParallax” and “optcz1,” Duke-Cohan was a vocal member of the infamy-seeking hacking collective known as Apophis Squad, which decided to DDoS Swiss-based secure email provider ProtonMail.
That was the group’s first mistake, as it prompted the ProtonMail security team to start investigating.
“In this endeavor, we were assisted by a number of cybersecurity professionals who are also ProtonMail users. It turns out that despite claims by Apophis Squad that federal authorities would never be able to find them, they themselves did not practice very good operational security. In fact, some of their own servers were breached and exposed online,” the firm explained.
“By sifting through the clues, we soon discovered that some members of Apophis Squad were in fact ProtonMail users. This was soon confirmed by a number of law enforcement agencies that reached out to us. It seemed that in addition to attacking ProtonMail, Duke-Cohan and his accomplices were engaged in attacking government agencies in a number of countries.”
The digital trail eventually led back to Duke-Cohan, who was identified as a member of the hacking group in the first week of August.
British police held off arresting him, presumably to see if they could catch more members of the group, but the final straw came when he phoned in a bomb hoax for a United Airlines flight to San Francisco and started emailing out more bomb threats to schools.
Reports suggest there could be more charges to follow for Duke-Cohan, including a possible extradition to the US.
“Our mission is to bring privacy, security, and freedom of information to citizens around the world. However, this does not extend to protecting individuals who are engaged in criminal activities,” concluded ProtonMail. “That’s why we will investigate to the fullest extent possible anyone who attacks ProtonMail or uses our platform for crime.”