Wired disclosed this week that a 19-year-old employed by Elon Musk‘s so-called Department of Government Efficiency (DOGE) was granted entry to confidential US governmental systems despite his previous link to cybercriminal networks, which should have barred him from securing the needed security clearances. As today’s report elaborates, the DOGE adolescent is a past member of ‘The Com,’ a collection of Discord and Telegram chat groups that operate as a sort of decentralized cybercriminal social platform for enabling rapid collaboration.

Since President Trump’s second inauguration, Musk’s DOGE squad has accessed an astonishing volume of personal and sensitive information regarding American citizens, swiftly moving to take charge of databases at the U.S. Treasury, the Office of Personnel Management, the Department of Education, and the Department of Health and Human Services, among several others.

Wired initially reported on Feb. 2 that one of the tech experts on Musk’s team is a 19-year-old high school graduate identified as Edward Coristine, who reportedly uses the online alias “Big Balls.” One of the ventures Coristine established, Tesla.Sexy LLC, was launched in 2021 when he would have been around 16 years old.

“Tesla.Sexy LLC manages numerous web domains, including at least two registered in Russia,” Wired mentioned. “One of those domains, which remains active, promotes a service named Helfie, which is an AI bot for Discord servers aimed at the Russian market. While the operation of a Russian website would not breach US sanctions forbidding Americans from engaging with Russian firms, it might still be a consideration in a security clearance evaluation.”

Mr. Coristine has not replied to inquiries for comment. In a subsequent article this week, Wired discovered that someone using a Telegram username associated with Coristine sought a DDoS-for-hire service in 2022, and he briefly worked at a company that focuses on defending clients against DDoS attacks.

Internet routing logs indicate that Coristine operates an Internet service provider named Packetware (AS400495). Also referred to as “DiamondCDN,” Packetware presently hosts tesla[.]sexy and diamondcdn[.]com, among various domains.

DiamondCDN was promoted and claimed by an individual who utilized the alias “Rivage” in multiple Com-based Discord channels over the years. An examination of chat logs from some of these channels shows that other participants often called Rivage “Edward.”

From late 2020 until late 2024, Rivage’s exchanges appeared in several Com chat servers that are closely monitored by security firms. In November 2022, Rivage could be observed asking for recommendations for a dependable and robust DDoS-for-hire service.

Rivage made that inquiry in the cybercrime channel “Dstat,” a central Com hub where individuals could buy and sell attack services. Dstat’s website dstat[.]cc was confiscated in 2024 as part of “Operation PowerOFF,” an international crackdown on DDoS services.

Coristine’s LinkedIn profile indicated that in 2022 he was employed at an anti-DDoS firm named Path Networks, which Wired favorably characterized as a “network monitoring organization recognized for hiring reformed blackhat hackers.” Wired stated:

“At Path Network, Coristine was a systems engineer from April to June of 2022, according to his now-defunct LinkedIn resume. Path has sometimes listed as staff members Eric Taylor, known as Cosmo the God, a notorious former cybercriminal connected to the hacker group UGNazis, and Matthew Flannery, an Australian convicted hacker allegedly associated with the hacking group LulzSec. It remains uncertain whether Coristine was at Path concurrently with these hackers, and WIRED found no proof that either Coristine or other Path personnel engaged in illicit activities while at the establishment.”

The founder of Path is a young individual named Marshal Webb. I wrote about Webb back in 2016, covering a DDoS defense company he co-started named BackConnect Security LLC. On September 20, 2016, KrebsOnSecurity published information revealing that the company had a track record of hijacking Internet address space owned by others.

Less than a day after that piece was published, KrebsOnSecurity.com was subjected to the largest DDoS attack the Internet had ever witnessed at that time. That ongoing assault kept this site offline for nearly 4 days.

The other co-founder of BackConnect Security LLC was Tucker Preston, a Georgian man who admitted guilt in 2020 for hiring a DDoS-for-hire service to launch attacks against others.

The aforementioned Path employee Eric Taylor pleaded guilty in 2017 to charges that included an assault on my residence in 2013. Taylor was among several individuals involved in making a fraudulent report to my local police department about an alleged hostage situation at our home in Virginia. Consequently, a heavily armed police squad surrounded my house and restrained me with handcuffs at gunpoint before realizing it was all a perilous hoax known as “swatting.”

CosmoTheGod shot to Internet notoriety in 2013 when he and several other hackers established the website exposed[dot]su, which “doxed” numerous public officials and celebrities by disclosing the home address, Social Security numbers, and other private information of former First Lady Michelle Obama, the then-FBI director, and the U.S. attorney general, among others. The group also carried out swatting against many of the individuals they doxed.

Wired noted that Coristine was only at Path for a few months in 2022, yet the article did not explain the reason for his brief stint. A screenshot posted on the website pathtruths.com includes a snippet of discussions in June 2022 among Path employees regarding Coristine’s dismissal.

Based on that record, Path founderMarshal Webb expelled Coristine for disclosing internal files to a rival. Shortly after Coristine’s dismissal, a large volume of internal Path documents and discussions were leaked. Among various revelations, those communications indicated that one of Path’s technicians was a Canadian individual named Curtis Gervais, who was found guilty in 2017 of carrying out numerous swatting incidents and bogus bomb threats — including at least two attempts against our residence in 2014.

On May 11, 2024, Rivage announced on a Discord channel aimed at a DDoS protection service primarily advertised to members of The Com. Rivage voiced his discontent regarding his experience in Com-based communities, insinuating that its potential for profit was significantly overstated.

“I don’t believe there’s much revenue to be generated in the com,” Rivage reflected. “I’m not purchasing Heztner [servers] to establish some com VPN.”

After that point, Rivage largely ceased his activity in Com channels. Wired reported that Coristine later spent a summer working for three months at Neuralink, Elon Musk’s brain implant venture.

The complexity of this situation lies in the fact that even when someone genuinely plans to depart from The Com after prolonged association with cybercriminals, they frequently remain vulnerable to personal assaults, harassment, and hacking long after their exit.

This happens because a significant portion of Com culture revolves around intimidating, swatting, and hacking fellow community members. These internal conflicts are often driven by financial incentives, but just as commonly, they are executed by cybercrime factions to take revenge or assert supremacy over rival groups.

Authorities indicate that it is exceedingly challenging for ex-members of violent street gangs to obtain the security clearance necessary to access sensitive or classified information held by the U.S. government. This is because former gang members are particularly easy targets for coercion and extortion by current members of the same gang, representing an unacceptable security threat for intelligence organizations.

And let’s be clear: The Com is the cybercriminal hacking equivalent in the English language to a violent street gang. KrebsOnSecurity has circulated numerous accounts illustrating how conflicts within the community occasionally escalate into real-world violence.

When Coristine’s name emerged in Wired‘s report this week, members of The Com immediately reacted. In the subsequent excerpt from a February 5, 2025 dialogue within a Com-associated hosting service, members scrutinized Rivage’s abilities while contemplating harassing his family and alerting authorities about unspecified accusations that may or may not be valid.

2025-02-05 16:29:44 UTC vperked#0 they got this nigga on indiatimes man
2025-02-05 16:29:46 UTC alexaloo#0 Their cropping is worse than AI could have done
2025-02-05 16:29:48 UTC hebeatsme#0 bro who is that
2025-02-05 16:29:53 UTC hebeatsme#0 yalla re talking about
2025-02-05 16:29:56 UTC xewdy#0 edward
2025-02-05 16:29:56 UTC .yarrb#0 rivagew
2025-02-05 16:29:57 UTC vperked#0 Rivarge
2025-02-05 16:29:57 UTC xewdy#0 diamondcdm
2025-02-05 16:29:59 UTC vperked#0 i cant spell it
2025-02-05 16:30:00 UTC hebeatsme#0 rivage
2025-02-05 16:30:08 UTC .yarrb#0 yes
2025-02-05 16:30:14 UTC hebeatsme#0 i have him added
2025-02-05 16:30:20 UTC hebeatsme#0 hes on discord still
2025-02-05 16:30:47 UTC .yarrb#0 hes focused on stroking zaddy elon
2025-02-05 16:30:47 UTC vperked#0 https://en.wikipedia.org/wiki/Edward_Coristine
2025-02-05 16:30:50 UTC vperked#0 no fucking way
2025-02-05 16:30:53 UTC vperked#0 they even made a wiki for him
2025-02-05 16:30:55 UTC vperked#0 LOOOL
2025-02-05 16:31:05 UTC hebeatsme#0 no way
2025-02-05 16:31:08 UTC hebeatsme#0 hes not a good dev either
2025-02-05 16:31:14 UTC hebeatsme#0 like????
2025-02-05 16:31:22 UTC hebeatsme#0 has to be fake
2025-02-05 16:31:24 UTC xewdy#0 and theyre saying ts
2025-02-05 16:31:29 UTC xewdy#0 like ok bro
2025-02-05 16:31:51 UTC .yarrb#0 now i wanna know what all the other devs are like…
2025-02-05 16:32:00 UTC vperked#0 “`Coristine used the moniker “bigballs” on LinkedIn and @Edwardbigballer on Twitter, according to The Daily Dot.[“`
2025-02-05 16:32:05 UTC vperked#0 LOL
2025-02-05 16:32:06 UTC hebeatsme#0 lmfaooo
2025-02-05 16:32:07 UTC vperked#0 bro
2025-02-05 16:32:10 UTC hebeatsme#0 bro
2025-02-05 16:32:17 UTC hebeatsme#0 has to be fake right
2025-02-05 16:32:22 UTC .yarrb#0 does it mention Rivage?
2025-02-05 16:32:23 UTC xewdy#0 He previously worked for NeuraLink, a brain computer interface company led by Elon Musk
2025-02-05 16:32:26 UTC xewdy#0 bro what
2025-02-05 16:32:27 UTC alexaloo#0 I think your current occupation gives you a good insight of what probably goes on
2025-02-05 16:32:29 UTC hebeatsme#0 bullshit man
2025-02-05 16:32:33 UTC xewdy#0 this nigga got hella secrets
2025-02-05 16:32:37 UTC hebeatsme#0 rivage couldnt print hello world
2025-02-05 16:32:42 UTC hebeatsme#0 if his life was on the line
2025-02-05 16:32:50 UTC xewdy#0 nigga worked for neuralink
2025-02-05 16:32:54 UTC hebeatsme#0 bullshit
2025-02-05 16:33:06 UTC Nashville Dispatch ##0000 ||@PD Ping||
2025-02-05 16:33:07 UTC hebeatsme#0 must have killed all those test pigs with some bugs
2025-02-05 16:33:24 UTC hebeatsme#0 ur telling me the rivage who failed to start a company
2025-02-05 16:33:28 UTC hebeatsme#0 https://cdn.camp
2025-02-05 16:33:32 UTC hebeatsme#0 who didnt pay for servers
2025-02-05 16:33:34 UTC hebeatsme#0 ?
2025-02-05 16:33:42 UTC hebeatsme#0 was too cheap
2025-02-05 16:33:44 UTC vperked#0 yes
2025-02-05 16:33:50 UTC hebeatsme#0 like??
2025-02-05 16:33:53 UTC hebeatsme#0 it aint adding up
2025-02-05 16:33:56 UTC alexaloo#0 He just needed to find his calling idiot.
2025-02-05 16:33:58 UTC alexaloo#0 He found it.
2025-02-05 16:33:59 UTC hebeatsme#0 bro
2025-02-05 16:34:01 UTC alexaloo#0 Cope in a river dude
2025-02-05 16:34:04 UTC hebeatsme#0 he cant make good money right
2025-02-05 16:34:08 UTC hebeatsme#0 doge is about efficiency
2025-02-05 16:34:11 UTC hebeatsme#0 he should make $1/he
2025-02-05 16:34:15 UTC hebeatsme#0 $1/hr
2025-02-05 16:34:25 UTC hebeatsme#0 and be whipped for better code
2025-02-05 16:34:26 UTC vperked#0 prolly makes more than us
2025-02-05 16:34:35 UTC vperked#0 with his dad too
2025-02-05 16:34:52 UTC hebeatsme#0 time to report him for fraud
2025-02-05 16:34:54 UTC hebeatsme#0 to donald trump
2025-02-05 16:35:04 UTC hebeatsme#0 rivage participated in sim swap hacks in 2018
2025-02-05 16:35:08 UTC hebeatsme#0 put that on his wiki
2025-02-05 16:35:10 UTC hebeatsme#0 thanks
2025-02-05 16:35:15 UTC hebeatsme#0 and in 2021
2025-02-05 16:35:17 UTC hebeatsme#0 thanks
2025-02-05 16:35:19 UTC chainofcommand#0 i dont think they’ll care tbh

Considering the rapidity with which Musk’s DOGE team secured access to such vital government databases,it stretches believability that Coristine might have been adequately sanctioned in advance. After all, he had recently been removed from a position for supposedly disclosing confidential corporate information to external parties.

Per the national security adjudication protocols (PDF) issued by the Director of National Intelligence (DNI), evaluative assessments consider a person’s steadiness, dependability, reliability, discretion, integrity, character, honesty, judgment, and capacity to safeguard classified information.

The DNI regulations further declare that “eligibility for covered individuals must be conferred only when facts and situations suggest that eligibility is manifestly aligned with the national security interests of the United States, and any uncertainty must be resolved in favor of national security.”

On Thursday, 25-year-old DOGE employee Marko Elez stepped down after being associated with a deleted social media account that promoted racism and eugenics. Elez resigned following The Wall Street Journal inquiring with the White House about his affiliation with the account.

“Just for clarification, I was racist before it was fashionable,” the account posted in July. “You couldn’t pay me to wed outside of my ethnicity,” the account stated on X in September. “Normalize Indian hate,” the account declared the same month, referring to a post highlighting the number of individuals from India in Silicon Valley.

Elez’s resignation occurred a day after the Department of Justice consented to limit the number of DOGE personnel who could access federal payment systems. The DOJ indicated access would be restricted to two individuals, Elez and Tom Krause, the CEO of a firm called Cloud Software Group.

Earlier today, Musk mentioned his intention to rehire Elez after President Trump and Vice President JD Vance allegedly supported the notion. Speaking at The White House today, Trump stated he was unconcerned about the security of personal data and other information accessed by DOGE, asserting that he was “very proud of the work that this group of young individuals” is doing.

A White House official informed Reuters on Wednesday that Musk and his engineers possess appropriate security clearances and are operating within “full adherence to federal law, appropriate security clearances, and as employees of the relevant agencies, not as external advisers or entities.”

NPR reports Trump further indicated that his administration’s efforts for cost reduction would soon focus on the Education Department and the Pentagon, “where he suggested without proof that there might be ‘trillions’ of dollars wasted within the $6.75 trillion the federal government expended in the fiscal year 2024.”

GOP leaders in the Republican-majority House and Senate have largely dismissed Musk’s ongoing attempts to take charge of federal databases, dismantle congressionally mandated agencies, freeze federal funding for several already-allocated government programs, and intimidate workers with potential layoffs.

Meanwhile, several groups have initiated lawsuits to halt DOGE’s operations. ABC News reports a federal judge was expected to decide today whether DOGE should be prevented from gaining access to Department of Labor records, following a lawsuit alleging Musk’s team aimed to unlawfully access highly sensitive information, including medical data, from the federal government.

At least 13 state attorneys general have expressed their intention to file a lawsuit to prevent DOGE from accessing federal payment systems that hold sensitive personal details of Americans, according to The Associated Press.

Reuters reported on Thursday that the U.S. Treasury Department had agreed not to allow Musk’s team access to its payment systems while a judge hears arguments in a case brought by employee unions and retirees alleging Musk illegally searched those records.

Ars Technica states that The Department of Education (DoE) was sued on Friday by a California student association demanding an “immediate halt” to DOGE’s “illegally” probing into student loan data to potentially dismantle the DoE.