Latest news with #DiamondCDN
Yahoo
27-03-2025
- Yahoo
A DOGE staffer working as a ‘senior advisor' in the government's cybersecurity agency once provided tech support to a cybercrime ring
Edward Coristine, a 19-year-old DOGE member, has been linked to a cybercrime group through his former company, DiamondCDN. Coristine has been listed as an adviser in multiple U.S. government agencies, including the Cybersecurity and Infrastructure Security Agency. A member of Elon Musk's Department of Government Efficiency (DOGE) appears to have provided tech support to a cybercrime group known as EGodly. Edward Coristine, also known by his nickname "Big Balls," has been linked to the cybercrime group through a company he ran called DiamondCDN. According to corporate and digital records reviewed by Reuters and Telegram messages seen by Fortune, EGodly was one of the company's users. The group publicly thanked Coristine's company for its assistance in a post on its Telegram channel on Feb. 15, 2023. "We extend our gratitude to our valued partners DiamondCDN for generously providing us with their amazing DDoS protection and caching systems, which allow us to securely host and safeguard our website," the message read. An FBI agent who had contact with EGodly told Reuters the group had been investigated due to a connection with swatting, a practice of making false emergency calls in an attempt to send SWAT teams to targeted addresses. He called EGodly "not a pleasant group," referring to the members as "bad folks." In other messages shared on the Telegram channel and reviewed by Fortune, the group can also be seen selling people's private PII (Personally Identifiable Information), boasting about hacking government emails and cyberstalking an FBI agent. In one post, the group advertised "Brazil government emails" for sale, telling members they could use the addresses to get information on users by sending data requests to the support of platforms. In one video posted by the account, a car drove past what appeared to be the FBI agent's house while someone screamed out the window: "EGodly says you're a bitch!" An analysis of digital records conducted by Reuters found that between October 2022 and June 2023, the EGodly website, was linked to IP addresses associated with DiamondCDN and other businesses owned by Coristine. During this period, some visitors to the site encountered a DiamondCDN "Security check," the outlet reported. Representatives for the State Department and DiamondCDN did not immediately return requests for comment from Fortune. The department and Coristine did not reply to Reuters comment requests either. Coristine's role within the government is not entirely clear. The 19-year-old was most recently a freshman mechanical engineering and physics major at Boston's Northeastern University until joining Elon Musk's cost-cutting team at DOGE. He also worked briefly at Musk's brain implant company Neuralink. According to Reuters, he's listed as a "senior adviser" at the State Department as well as the Cybersecurity and Infrastructure Security Agency. He's also been linked to the Department of Homeland Security by a Washington Post report. Wired has also reported that Coristine is listed as one of several 'experts' at the Office of Personnel Management, the government's HR department. Although Coristine's link to EGodly may have been brief, Nitin Natarajan—formerly the deputy director of CISA under President Joe Biden—expressed concern about the teenager now being part of a team with extensive access to government systems. "This stuff was not in the distant past," Natarajan told Reuters. "The recency of the activity and the types of groups he was associated would definitely be concerning." It's also not the first time Coristine has made headlines for his past associations. Last month, Bloomberg reported that he was previously fired from an internship at Path Network for reportedly leaking information to competitors. Coristine later denied doing anything "contractually wrong' while working at Path Network via a post on Discord, per Bloomberg. This story was originally featured on
Ya Libnan
27-03-2025
- Business
- Ya Libnan
DOGE staffer ‘Big Balls' provided tech support to cybercrime ring, records show, Reuters
Elon Musk listens to U.S. President Donald Trump speak in the Oval Office of the White House in Washington, D.C., U.S., February 11, 2025. REUTERS/Kevin Lamarque/File Photo By Raphael Satter WILMINGTON, Delaware, March 26 (Reuters) – The best-known member of Elon Musk's U.S. DOGE Service team of technologists once provided support to a cybercrime gang that bragged about trafficking in stolen data and cyberstalking an FBI agent, according to digital records reviewed by Reuters. Edward Coristine is among the most visible members of the DOGE effort that has been given sweeping access to official networks as it attempts to radically downsize the U.S. government. Last month that 'Big Balls is awesome.' Beginning around 2022, while still in high school, Coristine ran a company that provided network services, according to corporate and digital records reviewed by Reuters and interviews with half a dozen former associates. Among its users was a website run by a ring of cybercriminals operating under the name 'EGodly,' according to digital records preserved by the internet intelligence firm DomainTools and the online cybersecurity tool The details of Coristine's connection to EGodly have not been previously reported. On Feb. 15, 2023, EGodly thanked Coristine's company for its assistance in a post on the Telegram messaging app. 'We extend our gratitude to our valued partners DiamondCDN for generously providing us with their amazing DDoS protection and caching systems, which allow us to securely host and safeguard our website,' the message said. The digital records reviewed by Reuters showed the EGodly website, was tied to internet protocol addresses registered to DiamondCDN and other Coristine-owned entities between October 2022 and June 2023, and that some users attempting to access the site around that time would hit a DiamondCDN 'Security check.' Coristine did not return messages seeking comment. Musk's team, which has adopted the name 'Department of Government Efficiency' though it is not an official government department, did not respond to emails about Coristine. He is listed as a 'senior adviser' at the State Department and the Cybersecurity and Infrastructure Security Agency, according to one official at each agency who told Reuters they had seen his name in their respective agencies' staff directory. On LinkedIn, Coristine describes himself as a 'Volunteer (Intern) Plumber' with the U.S. government. The State Department did not return messages asking about Coristine. CISA, which is responsible for protecting federal government networks from cybercriminals and foreign spies, declined comment. EGodly's Telegram channel has been inactive for the past year; attempts to elicit comment from eight people who participated in or interacted with EGodly were unsuccessful. 'THESE ARE BAD FOLKS' DiamondCDN's website – CDN typically stands for 'content delivery network' – was registered in mid-2022, according to records collected by DomainTools. It pitched itself as offering 'excellent security tools' that would help 'lower your infrastructure costs,' according to the site maintained by the Internet Archive. The site said the company 'has no business inspecting user content.' In 2023, EGodly boasted on its Telegram channel of hijacking phone numbers, breaking into unspecified law enforcement email accounts in Latin America and Eastern Europe, and cryptocurrency theft. Early that year, the group distributed the personal details of an FBI agent who they said was investigating them, circulating his phone number, photographs of his house, and other private details on Telegram. EGodly also posted an audio recording of an obscene prank call made to the agent's phone and a video, shot from the inside of a car, of an unknown party driving by the agent's house in Wilmington, Delaware at night and screaming out the window, 'EGodly says you're a bitch!' Reuters could not independently verify EGodly's boasts of cybercriminal activity, including its claims to have hijacked phone numbers or infiltrated law enforcement emails. But it was able to authenticate the video by visiting the same Wilmington address and comparing the building to the one in the footage. The FBI agent targeted by EGodly, who is now retired, told Reuters that the group had drawn law enforcement attention because of its connection to swatting, the dangerous practice of making hoax emergency calls to send armed officers swarming targeted addresses. The agent didn't go into detail. Reuters is not identifying him out of concern for further harassment. 'These are bad folks,' the former agent said. 'They're not a pleasant group.' He declined to comment further about the harassment or whether EGodly had been or still was the subject of an FBI investigation. The FBI didn't return messages seeking comment on EGodly. Reuters was not able to ascertain how long EGodly used DiamondCDN, or whether EGodly paid Coristine's company. Archived copies of DiamondCDN's website said the firm envisioned having both paying and nonpaying customers. Another individual who has been subject to abuse from EGodly and a cybercrime researcher who has followed the group said it was composed of hardened fraudsters, citing the group's makeup and the credibility of its claims. Both asked not to be identified, citing fears of retaliation. Even if the connection between Coristine and EGodly were fleeting, Nitin Natarajan, who served as the deputy director of CISA under former President Joe Biden, told Reuters it was worrying that someone who provided services to EGodly only two years ago was part of a group that has gained wide access to government networks. 'This stuff was not in the distant past,' he said. 'The recency of the activity and the types of groups he was associated would definitely be concerning.' Reuters
Yahoo
26-03-2025
- Yahoo
Elon Musk's DOGE Staffer 'Big Balls' Was Involved in Cybercrime Ring
The teenage DOGE employee who went by the online username 'Big Balls' used to run a company that provided tech support to a cybercrime group, according to Reuters. In 2022, Edward Coristine ran a company called DiamondCDN that provided network services. One of its users was a group of cybercriminals known as EGodly, who openly bragged about stealing phone numbers and cryptocurrency, hacking law enforcement emails in South America and Eastern Europe, cyberstalking an FBI agent in Delaware, and trafficking other stolen data. The group, now retired, even thanked Coristine's company for its support in 2023. 'We extend our gratitude to our valued partners DiamondCDN for generously providing us with their amazing DDoS protection and caching systems, which allow us to securely host and safeguard our website,' the group said. Coristine did not reply to Reuters's request for comment. It should be alarming that a teen who used to work with a cybercrime group now has wide access to the inner workings of the federal government and the personal information of millions of Americans. Elon Musk, who has expressed support for Big Balls in the past, has yet to comment.
USA Today
26-03-2025
- Business
- USA Today
Exclusive: DOGE staffer, 'Big Balls', provided tech support to cybercrime ring, records show
Exclusive: DOGE staffer, 'Big Balls', provided tech support to cybercrime ring, records show Show Caption Hide Caption Protesters oppose DOGE cuts from coast to coast Protesters across the U.S. gathered around the message that "Elon Musk has got to go." WILMINGTON, Delaware, March 26 (Reuters) - The best-known member of Elon Musk's U.S. DOGE Service team of technologists once provided support to a cybercrime gang that bragged about trafficking in stolen data and cyberstalking an FBI agent, according to digital records reviewed by Reuters. Edward Coristine is among the most visible members of the DOGE effort that has been given sweeping access to official networks as it attempts to radically downsize the U.S. government. Past reporting had focused on his youth - he is 19 - and his chosen nickname of "bigballs," which became a pop culture punchline. Musk turned championed the teen on his social media site X, telling his followers last month that "Big Balls is awesome." Beginning around 2022, while still in high school, Coristine ran a company called DiamondCDN that provided network services, according to corporate and digital records reviewed by Reuters and interviews with half a dozen former associates. Among its users was a website run by a ring of cybercriminals operating under the name "EGodly," according to digital records preserved by the internet intelligence firm DomainTools and the online cybersecurity tool The details of Coristine's connection to EGodly have not been previously reported. More: Federal jobs were seen as a gateway to the middle class for Black America, then came DOGE On Feb. 15, 2023, EGodly thanked Coristine's company for its assistance in a post on the Telegram messaging app. "We extend our gratitude to our valued partners DiamondCDN for generously providing us with their amazing DDoS protection and caching systems, which allow us to securely host and safeguard our website," the message said. The digital records reviewed by Reuters showed the EGodly website, was tied to internet protocol addresses registered to DiamondCDN and other Coristine-owned entities between October 2022 and June 2023, and that some users attempting to access the site around that time would hit a DiamondCDN "Security check." More: What happened to DOGE stimulus checks? How the idea originated and where things stand now Coristine did not return messages seeking comment. Musk's team, which has adopted the name "Department of Government Efficiency" though it is not an official government department, did not respond to emails about Coristine. He is listed as a "senior adviser" at the State Department and the Cybersecurity and Infrastructure Security Agency, according to one official at each agency who told Reuters they had seen his name in their respective agencies' staff directory. On LinkedIn, Coristine describes himself as a "Volunteer (Intern) Plumber" with the U.S. government. The State Department did not return messages asking about Coristine. CISA, which is responsible for protecting federal government networks from cybercriminals and foreign spies, declined comment. EGodly's Telegram channel has been inactive for the past year; attempts to elicit comment from eight people who participated in or interacted with EGodly were unsuccessful. 'THESE ARE BAD FOLKS' DiamondCDN's website - CDN typically stands for "content delivery network" - was registered in mid-2022, according to records collected by DomainTools. It pitched itself as offering "excellent security tools" that would help "lower your infrastructure costs," according to copies of the site maintained by the Internet Archive. The site said the company "has no business inspecting user content." In 2023, EGodly boasted on its Telegram channel of hijacking phone numbers, breaking into unspecified law enforcement email accounts in Latin America and Eastern Europe, and cryptocurrency theft. Early that year, the group distributed the personal details of an FBI agent who they said was investigating them, circulating his phone number, photographs of his house, and other private details on Telegram. EGodly also posted an audio recording of an obscene prank call made to the agent's phone and a video, shot from the inside of a car, of an unknown party driving by the agent's house in Wilmington, Delaware at night and screaming out the window, "EGodly says you're a bitch!" Reuters could not independently verify EGodly's boasts of cybercriminal activity, including its claims to have hijacked phone numbers or infiltrated law enforcement emails. But it was able to authenticate the video by visiting the same Wilmington address and comparing the building to the one in the footage. The FBI agent targeted by EGodly, who is now retired, told Reuters that the group had drawn law enforcement attention because of its connection to swatting, the dangerous practice of making hoax emergency calls to send armed officers swarming targeted addresses. The agent didn't go into detail. Reuters is not identifying him out of concern for further harassment. "These are bad folks," the former agent said. "They're not a pleasant group." He declined to comment further about the harassment or whether EGodly had been or still was the subject of an FBI investigation. The FBI didn't return messages seeking comment on EGodly. Reuters was not able to ascertain how long EGodly used DiamondCDN, or whether EGodly paid Coristine's company. Archived copies of DiamondCDN's website said the firm envisioned having both paying and nonpaying customers. Another individual who has been subject to abuse from EGodly and a cybercrime researcher who has followed the group said it was composed of hardened fraudsters, citing the group's makeup and the credibility of its claims. Both asked not to be identified, citing fears of retaliation. Even if the connection between Coristine and EGodly were fleeting, Nitin Natarajan, who served as the deputy director of CISA under former President Joe Biden, told Reuters it was worrying that someone who provided services to EGodly only two years ago was part of a group that has gained wide access to government networks. "This stuff was not in the distant past," he said. "The recency of the activity and the types of groups he was associated would definitely be concerning." (Reporting by Raphael Satter in Wilmington, Delaware; additional reporting by AJ Vicens in Detroit; editing by Chris Sanders)
The Guardian
26-03-2025
- Business
- The Guardian
Teen member of Musk's Doge staff provided tech support to cybercrime ring, records show
The best-known member of Elon Musk's so-called 'department of government efficiency' (Doge) service team of technologists once provided support to a cybercrime gang that bragged about trafficking in stolen data and cyberstalking an FBI agent, according to digital records reviewed by Reuters. Edward Coristine is among the most visible members of the Doge effort that has been given sweeping access to official networks as it attempts to radically downsize the US government. It is headed by Musk – the world's richest man – with a powerful mandate from Donal Trump. Past reporting had focused on the staffer's youth – he is 19 – and his chosen nickname of 'bigballs,' which became a pop culture punchline. Musk has championed the teen on his social media site X, telling his followers last month: 'Big Balls is awesome.' Beginning around 2022, while still in high school, Coristine ran a company called DiamondCDN that provided network services, according to corporate and digital records reviewed by Reuters and interviews with half a dozen former associates. Among its users was a website run by a ring of cybercriminals operating under the name 'EGodly,' according to digital records preserved by the internet intelligence firm DomainTools and the online cybersecurity tool The details of Coristine's connection to EGodly have not been previously reported. On 15 February 2023, EGodly thanked Coristine's company for its assistance in a post on the Telegram messaging app. 'We extend our gratitude to our valued partners DiamondCDN for generously providing us with their amazing DDoS protection and caching systems, which allow us to securely host and safeguard our website,' the message said. The digital records reviewed by Reuters showed the EGodly website, was tied to internet protocol addresses registered to DiamondCDN and other Coristine-owned entities between October 2022 and June 2023, and that some users attempting to access the site around that time would hit a DiamondCDN 'security check'. Coristine did not return messages seeking comment. Musk's team, which is not an official government department, did not respond to emails about Coristine. Coristine is listed as a 'senior adviser' at the state department and the Cybersecurity and Infrastructure Security Agency, according to one official at each agency who told Reuters they had seen his name in their respective agencies' staff directory. On LinkedIn, Coristine describes himself as a 'Volunteer (Intern) Plumber' with the US government. The state department did not return messages asking about Coristine. CISA, which is responsible for protecting federal government networks from cybercriminals and foreign spies, declined comment. EGodly's Telegram channel has been inactive for the past year; attempts to elicit comment from eight people who participated in or interacted with EGodly were unsuccessful. DiamondCDN's website – CDN typically stands for 'content delivery network' – was registered in mid-2022, according to records collected by DomainTools. It pitched itself as offering 'excellent security tools' that would help 'lower your infrastructure costs', according to copies of the site maintained by the Internet Archive. The site said the company 'has no business inspecting user content'. In 2023, EGodly boasted on its Telegram channel of hijacking phone numbers, breaking into unspecified law enforcement email accounts in Latin America and Eastern Europe, and cryptocurrency theft. Early that year, the group distributed the personal details of an FBI agent who they said was investigating them, circulating his phone number, photographs of his house, and other private details on Telegram. EGodly also posted an audio recording of an obscene prank call made to the agent's phone and a video, shot from the inside of a car, of an unknown party driving by the agent's house in Wilmington, Delaware at night and screaming out the window, 'EGodly says you're a bitch!' Reuters could not independently verify EGodly's boasts of cybercriminal activity, including its claims to have hijacked phone numbers or infiltrated law enforcement emails. But it was able to authenticate the video by visiting the same Wilmington address and comparing the building to the one in the footage. The FBI agent targeted by EGodly, who is now retired, told Reuters that the group had drawn law enforcement attention because of its connection to swatting, the dangerous practice of making hoax emergency calls to send armed officers swarming targeted addresses. The agent didn't go into detail. Reuters is not identifying him out of concern for further harassment. 'These are bad folks,' the former agent said. 'They're not a pleasant group.' He declined to comment further about the harassment or whether EGodly had been or still was the subject of an FBI investigation. The FBI didn't return messages seeking comment on EGodly. Reuters was not able to ascertain how long EGodly used DiamondCDN, or whether EGodly paid Coristine's company. Archived copies of DiamondCDN's website said the firm envisioned having both paying and nonpaying customers. Another individual who has been subject to abuse from EGodly and a cybercrime researcher who has followed the group said it was composed of hardened fraudsters, citing the group's makeup and the credibility of its claims. Both asked not to be identified, citing fears of retaliation. Even if the connection between Coristine and EGodly were fleeting, Nitin Natarajan, who served as the deputy director of CISA under Joe Biden, told Reuters it was worrying that someone who provided services to EGodly only two years ago was part of a group that has gained wide access to government networks. 'This stuff was not in the distant past,' he said. 'The recency of the activity and the types of groups he was associated would definitely be concerning.'
