Man Arrested for AWS Bomb Plot | Threatpost

A Texas man has been charged with plotting a bombing of Amazon Web Services in a quest to allegedly “kill off the internet.”

Seth Aaron Pendley was arrested in Ft. Worth after allegedly attempting to get an explosive device from an undercover FBI employee in a sting. The feds were alerted to Pendley after a concerned citizen contacted them on Jan. 8 about posts from Pendley on, a forum dedicated to organizing militia groups.

According to an announcement from the Department of Justice issued Friday, “a user who went by the screenname ‘Dionysus’ stated he was planning to ‘conduct a little experiment,’ that he said would ‘draw a lot of heat’ and could be ‘dangerous.’ When another user asked what outcome Dionysus desired, he responded, ‘death.’”

The concerned citizen provided the FBI with that user’s email address, which law enforcement traced back to Pendley.

The news comes as conversations and headlines are ongoing about privacy, and the role of forums and social media in spreading disinformation and enabling crime or domestic terrorism. For instance, in February researchers from the Digital Citizens Alliance (DCA) and the Coalition for a Safer Web (CSW) found multiple sellers, based both in the U.S. and internationally, offering to illegally sell COVID-19 vaccines [PDF] on Facebook and Telegram.

According to authorities, in late January, Pendley started sending messages to another confidential source using the Signal encrypted service. Allegedly, he told the source that he planned to use C-4 plastic explosives to attack AWS data centers in an attempt to “kill off about 70 percent of the internet.”

Pendley also boasted on Facebook about taking part in the U.S. Capitol insurrection on Jan. 6.

“In private messages, he allegedly told friends that although he did not actually enter the Capitol building, he did reach the platform, where he swiped a piece of glass from a broken window and interacted with police,” according to the DoJ. “He said he brought a sawed-off AR rifle to D.C., but left the weapon in his car during his movement to the Capitol.”

On March 31, the confidential source introduced Pendley to an undercover FBI employee posing as an explosives supplier. The employee recorded conversations in which Pendley allegedly said he planned to attack infrastructure that he believed provided services to the CIA, FBI and other federal agencies, to bring down “the oligarchy” controlling the United States.

On April 8, Pendley met with the undercover agent again purportedly to pick up bombs (however, the agent delivered inert devices). After the agent showed Pendley how to supposedly arm and detonate the devices, Pendley loaded them into his car, at which point he was arrested.

“We are indebted to the concerned citizen who came forward to report the defendant’s alarming online rhetoric. In flagging his posts to the FBI, this individual may have saved the lives of a number of tech workers,” said acting U.S. attorney Prerak Shah. “We are also incredibly proud of our FBI partners, who ensured that the defendant was apprehended with an inert explosive device before he could inflict real harm. The Justice Department is determined to apprehend domestic extremists who intend to commit violence, no matter what political sentiment drives them to do so.”

If convicted, Pendley faces up to 20 years in federal prison.

“We would like to thank the FBI for their work in this investigation,” AWS said in a media statement. “We take the safety and security of our staff and customer data incredibly seriously, and constantly review various vectors for any potential threats. We will continue to retain this vigilance about our employees and customers.”

When it comes to the regulation of tech platforms, 40 percent of Americans in a recent survey emailed to Threatpost from NordVPN think governments should be allowed to break up big tech, and nearly two-thirds (63 percent) think the government should be allowed to fine tech companies for privacy infractions. And, about 66 percent of Americans want disinformation removed from the platforms they use.

Ever wonder what goes on in underground cybercrime forums? Find out on April 21 at 2 p.m. ET during a FREE Threatpost event, “Underground Markets: A Tour of the Dark Economy.” Experts will take you on a guided tour of the Dark Web, including what’s for sale, how much it costs, how hackers work together and the latest tools available for hackers. Register here for the Wed., April 21 LIVE event.