Teen Arrested for Bomb Threats Linked to Cybercrime Group
British authorities have taken a significant step in addressing cybercrime with the arrest of a 19-year-old individual associated with the notorious Apophis Squad. This group has been implicated in a series of hoax bomb threats directed at numerous educational institutions and airlines, as well as cyberattacks on secure email platforms ProtonMail and Tutanota.
George Duke-Cohan was apprehended in his bedroom in Watford by the UK’s National Crime Agency (NCA) on August 31. Following this, he pled guilty to three counts of issuing bomb threats during a court appearance at Luton Magistrates’ Court. Investigations revealed that Duke-Cohan had dispatched over 24,000 emails to schools in the United Kingdom and the United States, falsely claiming that pipe bombs had been planted on their premises. Each email demanded a ransom of $5,000, threatening that failure to comply would result in explosions.
This arrest marks Duke-Cohan’s third encounter with law enforcement concerning bomb threats. His initial arrest occurred in March when his email threats led to the evacuation of around 400 schools across the UK. After being released on bail, he sent another wave of 24,000 hoax emails to educational institutions in both the UK and the US. Despite being prohibited from using electronic devices while on bail, Duke-Cohan further exacerbated his legal troubles by making a threatening phone call to San Francisco Airport. He falsely claimed that his daughter was on a flight recently hijacked by armed individuals, one of whom purportedly had a bomb. This prompted extensive security measures that disrupted the travel plans of 295 passengers on United Airlines Flight 949.
Following this alarming claim, the NCA arrested Duke-Cohan for the third time. Authorities found him in possession of multiple electronic devices, defying the stipulations of his bail. During this latest incident, the hacker group Apophis Squad publicly claimed responsibility for grounding the United flight.
ProtonMail has confirmed Duke-Cohan’s affiliation with Apophis Squad, which previously targeted its email services with Distributed Denial of Service (DDoS) attacks. The company has reiterated its commitment to protecting user privacy and security, while also emphasizing its intention to pursue legal action against those attempting to undermine its services. ProtonMail’s investigations indicated that some members of the group were existing users of its platform, prompting heightened scrutiny and collaboration with law enforcement to identify and apprehend involved parties.
Duke-Cohan’s criminal activities not only disrupted educational operations but also caused significant financial loss to airlines. He has been remanded in custody and is set to face sentencing at Luton Crown Court on September 21. Experts suggest that his actions illustrate various elements of the MITRE ATT&CK framework, specifically tactics such as initial access through phishing and extortion, as well as the use of social engineering techniques to manipulate emergency response protocols.
As investigations continue, authorities are working diligently to address the broader implications of Duke-Cohan’s actions and those of his accomplices. The ramifications of such cyber threats raise crucial concerns for businesses and educational institutions alike, highlighting the urgent need for robust cybersecurity measures and proactive threat mitigation strategies in today’s digital landscape.