FBI arrests second Apophis Squad hacker in the US

First hacker already serving a three-year prison sentence in the UK.
Written by Catalin Cimpanu, Contributor

The FBI yesterday arrested a hacker who is part of a hacking team known as Apophis Squad. This is the second arrest of an Apophis Squad member, after UK cops arrested a teenager in August 2018.

The two, US and UK citizens, respectively, have been charged in an indictment unsealed by the US Department of Justice yesterday.

They stand accused of orchestrating a crime spree during the first eight months of 2018, during which they allegedly launched DDoS attacks against websites, and made phone calls and sent emails to schools, government agencies, and airports containing bogus reports of physical violence, mass shootings, and bomb threats.

In a press release published yesterday, the DOJ described Apophis Squad as "a worldwide collective of computer hackers and swatters intent on using the internet to cause chaos."

The leader of this group is George Duke-Cohan, 19, from Hertfordshire, UK, who went online by nicknames such as "optcz1," "DigitalCrimes," and "7R1D3N7."

Duke-Cohan, while included in the US indictment, was arrested in the UK last August and was sentenced last December to three years in prison for his crimes in the UK.

The second hacker, and the one arrested by the FBI yesterday, is Timothy Dalton Vaughn, 20, of Winston-Salem, North Carolina.

According to the FBI, Vaughn went online by nicknames such as "WantedbyFeds" and "Hacker_R_US," and he worked closely with Duke-Cohan.

Vaughn's and Duke-Cohan's arrests stem from a DDoS attack and extortion attempt the two made against encrypted email provider ProtonMail.

In a blog post published last September, ProtonMail founder Andy Yen said they worked with authorities and infosec researchers to track down and identify Duke-Cohan, which eventually led to his arrest. According to current evidence, Vaughn is the second "unnamed" person that Yen mentioned in his September 2018 blog post.

But besides the DDoS attacks against ProtonMail, the DOJ indictment unsealed yesterday also blames Vaughn for other DDoS attacks, such as the three-day-long DDoS onslaught and subsequent ransom demands that targeted hoonigan.com, the website of a Long Beach motorsport company.

However, the DDoS attacks played only a small part in Apophis Squad's 2018 crime spree. Most of the time, the two were sending fake bomb or mass-shooting threats, often taking payments from others to target specific schools and businesses.

US authorities say that Vaughn bragged online about targeting over 2,000 schools in the United States and more than 400 in the United Kingdom.

Some of the threats against UK schools were sent with spoofed identities and made to look like they came from the mayor of London.

Numerous Southern California school districts were also targeted, as was the Los Angeles International Airport (LAX), one of the biggest and busiest airports in the world.

If found guilty on all charges, Duke-Cohan faces up to 65 years in a US prison, while Vaughn's maximum sentence could reach up to 80 years.

Article updated to remove mention that Duke-Cohan was arrested because he was a ProtonVPN subscriber. A ProtonMail spokesperson said this was, in fact, true, but that it did not contribute to the hacker's arrest in any way.
