More than a month after the ProtonMail end-to-end encrypted email service came under distributed denial-of-service attack, the British government has apparently arrested one of the culprits.
George Duke-Cohan pled guilty Sept. 3 to making bomb threats, but Proton said in a statement he was also a member of the “Apophis Squad” group that was attacking its servers.
With the help of cybersecurity journalist Brian Krebs, ProtonMail identified Duke-Cohan as a member of the hacker-for-hire group and informed the British authorities.
“British police did not move to immediately arrest Duke-Cohan, however, and we believe there were good reasons for that,” ProtonMail said in a blog post.
“Unfortunately, this meant that through much of August, ProtonMail remained under attack,” the company said. Customers, however, did not see an impact.
A spokesman for the British police agency said that Duke-Cohan was previously arrested in March and April for calling in bomb threats on schools. He was released as the authorities continued their investigation, which is standard practice under British law. Due to that investigation, the British police became aware of his hacking activities.
In June, hackers began to launch DDoS attacks at ProtonMail. Users temporarily experienced service delays.
Apophis Squad was brazen in claiming that its true identity would remain hidden.
“Feds cant touch us,” the group tweeted July 17.
But ProtonMail discovered that some members of Apophis Squad actually used the company’s service.
“This was soon confirmed by a number of law enforcement agencies that reached out to us,” ProtonMail said. “It seemed that in addition to attacking ProtonMail, Duke-Cohan and his accomplices were engaged in attacking government agencies in a number of countries.”
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.