Recent Surge in University Hoax Calls Linked to Extremist Group
A self-identified leader of an online collective associated with the violent extremist network known as The Com has confessed to orchestrating a series of hoax active-shooter alerts targeting universities across the United States. This alarming trend coincides with the return of students to campus, causing significant disruption to educational institutions.
Operating under the pseudonym “Gores,” this individual claims to half-run a group called Purgatory, which markets a variety of disruptive services—including hoax threats to schools, also known as swatting—at a fee of approximately $20. Threats against hospitals, businesses, and airports escalate to about $50, with additional violent acts, labeled as “slashings” and “brickings,” available for as low as $10. Recent investigations indicate that the pricing for these services has surged; a school swatting now costs around $95, while brickings have risen to $35.
The group is believed to have ties to 764, a nihilistic subset of The Com notorious for engaging in targeted harassment, including extortion and doxing against minors. Allegations against members extend to robbery and even more grievous crimes such as kidnapping. Since the initiation of their hoax calls on August 21, numerous universities have found themselves ensnared in these incidents, which have required multiple alerts for false alarms.
Gores disclosed to WIRED that the organization has generated approximately $100,000 from these activities, a claim that remains unverified by independent sources. Reports indicate that researchers monitoring the situation have overheard live swatting calls. In one instance, a researcher intervened to inform a targeted institution of the hoax, highlighting the disruption these events cause to law enforcement and public safety.
University of Colorado Boulder spokesperson Nicole Mueksch confirmed that investigations into these incidents are ongoing. Local police are collaborating with state and federal agencies, including the FBI, to identify any connections among the rash of swatting incidents nationwide.
The FBI is taking these threats seriously, noting a troubling uptick in swatting events across the country. An agency statement emphasized that providing false information regarding potential threats not only drains valuable law enforcement resources but also puts innocent lives at risk.
The escalation of these hoaxes began on August 21, the same day the Purgatory’s Telegram channel launched, with the University of Tennessee at Chattanooga receiving a call alleging an active shooter. The threat forced a campus lockdown lasting over an hour. Hours later, another hoax call prompted a lockdown at Villanova University during a new student orientation event.
The tactics employed in these incidents align with MITRE ATT&CK’s framework, which outlines methods such as initial access and harassment strategies indicative of social engineering techniques. This situation underscores the potential for broader implications in cybersecurity, as businesses and educational institutions may need to bolster their emergency response protocols to mitigate such risks in an increasingly interconnected digital landscape.
As the investigation unfolds, vigilance and preparedness will be crucial in defending against these alarming cybersecurity threats that exploit the vulnerabilities of institutions and endanger lives.
