Elon Musk’s DOGE technologist tied to cyber criminals

A prominent member of Elon Musk’s U.S. DOGE Service team, which has been granted sweeping access to government networks, previously provided support to a cybercriminal group that boasted of data theft and cyberstalking an FBI agent, according to digital records reviewed by Reuters.

Edward Coristine, a 19-year-old technologist and self-described “senior adviser” at the State Department and the Cybersecurity and Infrastructure Security Agency (CISA), once ran a company that supplied services to a cybercrime network known as EGodly.

The group, active in 2022 and 2023, claimed responsibility for hijacking phone numbers, infiltrating law enforcement emails, and publishing the personal details of an FBI agent investigating them.

Coristine’s company, DiamondCDN, provided network security tools and DDoS protection, according to online records. In February 2023, EGodly publicly thanked DiamondCDN for assisting in securing its website, data leak.fun, which hosted stolen data.

Digital traces reviewed by Reuters showed the website was linked to internet protocol addresses registered to Coristine’s entities.

Coristine did not respond to requests for comment. Musk’s DOGE Service, an informal effort dubbed the “Department of Government Efficiency,” also did not reply to inquiries about Coristine’s role.

His name appears in staff directories for both the State Department and CISA, according to officials at those agencies.

On LinkedIn, Coristine lists his government role as a “Volunteer (Intern) Plumber.”

CISA, tasked with protecting federal networks from cyber threats, declined to comment on Coristine’s involvement. The State Department did not respond to inquiries.

EGodly, which has been inactive for a year, gained notoriety for its brazen attacks. In early 2023, it released an audio recording of an obscene prank call to an FBI agent and posted a video of someone driving past his home in Wilmington, Delaware, shouting an expletive-laced threat.

Reuters authenticated the video by comparing the location to the agent’s residence. The former agent, now retired, confirmed EGodly was linked to swatting incidents—hoax emergency calls that send armed police to a target’s home.

“These are bad folks,” he told Reuters. “They’re not a pleasant group.”

While it remains unclear how long EGodly used DiamondCDN’s services or whether they paid Coristine’s company, archived versions of the firm’s website indicated it served both paying and nonpaying customers.

Cybersecurity experts warn that Coristine’s past ties to the group raise concerns about his current government access.

“This stuff was not in the distant past,” said Nitin Natarajan, former deputy director of CISA under President Joe Biden. “The recency of the activity and the types of groups he was associated with would definitely be concerning.”