Two men were charged with conducting cyberattacks on various organizations and threatening physical violence on Southern California school districts and the Los Angeles International Airport, among other targets, according to an indictment that was unsealed by U.S. prosecutors on Tuesday.
The men, an American and a Briton, sent false reports of violent attacks on schools via email and carried out distributed denial-of-service (DDoS) attacks on websites, according to the indictment announced by the U.S. Attorney’s Office of the Central District of California.
The defendants –a 19-year-old British national named George Duke-Cohan and a 20-year-old North Carolina man named Timothy Dalton Vaughn – are accused of being part of a hacking collective known as Apophis Squad. Duke-Cohan is already serving a prison sentence in Britain for threatening violence on an airliner, U.S. officials said. Vaughn’s online moniker, “WantedbyFeds,” turned prophetic Tuesday morning when he was arrested by U.S. authorities. Their alleged criminal activity took place in the first eight months of 2018.
Threats allegedly made by the men closed hundreds of schools in the United States and United Kingdom, according to the indictment, using email addresses that spoofed other entities, including the Mayor of London, to lend legitimacy to the threats.
The charges paint a picture of malice: Duke-Cohan, Vaughn, and other Apophis Squad hackers would “DDoS or deface the websites of entities with which they were displeased,” the indictment states.
Vaughn is accused of conducting a DDoS attack that knocked a website belonging to a California motorsport company offline for three days, and then demanding Bitcoin to stop the attack. He was expected to appear in court Tuesday afternoon.
Vaughn and Duke-Cohan also allegedly collaborated on a weeklong DDoS attack on ProtonMail, the encrypted email service. Duke-Cohan taunted the Switzerland-based email provider on Twitter, claiming it had weak DDoS protection, prosecutors said. As with so many of the men’s alleged targets, it is unclear why they attacked ProtonMail, other than because of their appetite for chaos.
You can read the full indictment below.
[documentcloud url=”http://www.documentcloud.org/documents/5736183-Apophis-Squad-INDICTMENT.html” responsive=true]