An Israeli Jew arrested for making more than 100 ‘anti-semitic’ bomb threats in the U.S. outran the FBI for months, using Bitcoin and more to stay hidden
The [Israeli-American dual nationality Jew] arrested Thursday for a wave of bomb threats against Jewish Community Centres in the United States employed an array of technologies, including Bitcoin and Google Voice, to make himself virtually untraceable for months.
Police arrested 19-year-old Michael Kaydar, who has joint Israeli-U.S. citizenship, at his home in Ashkelon, a coastal city in southern Israel. He’s suspected of phoning in over 100 bomb threats to JCCs and Jewish day schools in 33 states since January, with the most recent calls made two weeks ago.
Police also suspect him of making similar threats in Israel, Europe, Australia, and New Zealand.
The arrest followed an international probe that began with the first U.S. threats in January, and quickly hit its first roadblock, according to sources close to the investigation. The FBI traced the phone calls back to a service called SpoofCard that allows users to mask their caller ID, so their phone calls can appear to come from any number they choose.
The FBI sent a subpoena to the company that runs the service, New Jersey-based TelTech, in the hope of obtaining the caller’s real number. But that phone number turned out to be a disposable Google Voice line established under an alias.
The server logs from both TelTech and Google weren’t much more helpful. They showed that the suspect routed his Internet connection through anonymous proxy servers overseas. Even the caller’s voice was anonymous — he used Spoofcard’s voice-changing option to make himself sound like a voice synthesizer imitating a woman. And rather than use a traceable credit card or PayPal, the perpetrator paid for his Spoofcard in Bitcoin—another dead end.
Meanwhile, the bomb threats continued, coming in six separate waves. Jewish centres and day schools began evacuating with almost routine regularity. The threats were generally seen as evidence that anti-Semitic fringe groups were feeling emboldened by the election of Donald Trump.
But in his rush to reach as many Jewish institutions as possible, the original bomb hoaxer grew careless. On at least one occasion, he neglected to route his Internet connection through a proxy server, leaving behind a real IP address in the server logs. The address was in Israel, where police traced it to a WiFi access point that Kaydar was allegedly accessing through a giant antenna pointed out a window in his home.
http://www.thedailybeast.com/the-slip-u ... omb-caller