The U.S. Justice Department has filed criminal charges against three U.S. men accused of swatting, or making hoax reports of bomb threats or murders in a bid to trigger a heavily armed police response to a target’s address. Investigators say the men, aged 19 to 23, all carried out the attacks with the help of Tyler Barriss, a convicted serial swatter whose last stunt in late 2018 cost a Kansas man his life.
FBI agents on Wednesday arrested Neal Patel, 23, of Des Plaines, Ill. and Tyler Stewart, 19 of Gulf Breeze, Fla. The third defendant, Logan Patten, 19, of Greenwood, Mo., agreed to turn himself in. The men are charged in three separate indictments with conspiracy and conveying false information about the use of explosive devices.
Investigators say Patten, who used the Twitter handle “@spared,” hired Barriss in December 2017 to swat individuals and a high school in Lee’s Summit, Mo.
Around the same time, Stewart, a.k.a. “@tragic” on Twitter, allegedly worked with Barriss to make two phony bomb threats to evacuate a high school in Gurnee, Ill. In that incident, Barriss admitted telling police in Gurnee he had left explosives in a classroom and was high on methamphetamine and was thinking about shooting teachers and students.
Also in December 2017, Patel allegedly worked with Barriss to plan a bomb threat targeting a video game convention in Dallas, Texas. Patel is also accused of using stolen credit cards to buy items of clothing for Barriss.
The Justice Department’s media release on the indictments doesn’t specify which convention Barriss and Patel allegedly swatted, but a Wired story from last year tied Barriss to a similarly timed bomb threat that caused the evacuation of a major Call of Duty tournament at the Dallas Convention Center.
“When the social media star SoaR Ashtronova tweeted about the confusion she felt as she fled the event beneath the whir of police helicopters, Barriss taunted her from one of his Twitter accounts: ‘It got ran, baby girl. Thats what happens,” Wired reported.
Interestingly, it was a dispute over a $1.50 grudge match in a Call of Duty game that would ultimately lead to Barriss’s final — and fatal — swatting. On Dec. 28, 2017, Barriss phoned police in Wichita, Kan. from his location in California, telling them he was a local man who’d just shot his father and was holding other family members hostage.
Prosecutors say Barriss did so after getting in the middle of a dispute between two Call of Duty gamers, 18-year-old Casey Viner from Ohio and Shane Gaskill, 20, from Wichita. Viner allegedly asked Barriss to swat Gaskill. But when Gaskill noticed Barriss’ Twitter account suddenly following him online, he tried to deflect the attack. Barriss says Gaskill allegedly dared him to go ahead with the swat, but then gave Barriss an old home address — which was then being occupied by someone else.
When Wichita police responded to the address given by Barriss, they shot and killed 28-year-old Andrew Finch, a father of two who had no party to the dispute and did not know any of the three men.
Both Viner and Gaskill have been charged with wire fraud, conspiracy and obstruction of justice. Barriss pleaded guilty in Nov. 2018 to a total of 51 charges brought by federal prosecutors in Los Angeles, Kansas and Washington, D.C. He has agreed to serve a sentence of between 20 to 25 years in prison. Barriss is slated to be sentenced on March 1, 2019.
Stewart’s attorney declined to comment. Lawyers assigned to Patel and Patten could not be reached for comment.
As the victim of a swatting attack in 2013 and several other unsuccessful attempts, I am pleased to see federal authorities continue to take this crime seriously. According to the FBI, each swatting incident costs emergency responders approximately $10,000. Each hoax also unnecessarily endangers the lives of the responders and the public, and draws important resources away from actual emergencies.
Brian, Any information on the recent swatting of C.H. in Arizona ?
I think you meant “Lee’s Summit, MO” in the third paragraph
No. “Mo.” is the proper abbreviation for Missouri. “MO” is a postal code to be used for addressing mail.
End of first paragraph, shouldn’t that be Kansas man instead of Oklahoma?
Good result. Society can only be improved by removing idiots like this from it for extended periods of time.
tbh, would have been better if the guy survived, even if the preps weren’t immediately caught.
Pretty sure he was talking about the guys going to prison, and not the guy that was killed…
I believe it was a stunt in late 2017 that you mean, along with the date of Dec. 28, 2017, not 2018. Ongoing coverage and articles have been throughout 2018 though, so I understand the typo 🙂
sick people that do this stuff.
Those twitter handles – stolen?
Highly probable. They are traded on a forum called OGUsers
I’m glad these jerks were caught.
It’s disappointing that this stuff is being pursued by the feds in California, rather than where the crimes occurred and the defendants reside. This is another plain example of feds doing forum shopping to separate defendants from their families and resources, to weaken their ability to defend themselves. That is not the American way.
It’s also troubling that these prosecutions won’t stop swatting. This crime is low risk and high reward for the perpetrators. Low risk, because the technology to be hidden is cheap and easy to obtain. These guys were caught because one of the king’s men killed an innocent civilian, prompting a massive, expensive investigation.
As long as police are dispatched to anonymous threats with outrageous paramilitary responses, there will be jerks who will use police SWAT teams for amusement and to annoy their adversaries.
Barriss was in California when he called in the threats; that is why California is where he was prosecuted, and also why it is the nexus of any conspiracy charges. Conspiracy hinges on the single crime that is the subject of the conspiracy…so it all tracks back to California. It isn’t venue shopping…it is just simple common sense.
I appreciate the information, though it means I was wrong about something!
Has anyone compiled a count of all the SWAT events in the last few years? It would be interesting to see a statistical breakdown by triggering event, location, date/time, etc.
I searched google and archive.org for information the past decade. without luck.
A few reports (including two in which Krebs was quoted as an expert in the topic) indicated that the FBI doesn’t record statistics of swatting. That makes sense, of course, as each instance is an example of failure in American police and dispatcher training.
It is, indeed, a nearly unique American problem. While the international community has a similar share of anonymous bomb threats, they seem to have far less instances of swatting.
Hard time with hard labor for an extended period of time should be their just rewards for such acts of criminal irresponsibility.
You can view a SWATting event live on IT consultant’s Carey Holzman’s Youtube channel. While streaming live on Youtube, Holzman was SWATted on January 14, 2019.
His live stream is here: https://www.youtube.com/watch?v=ecY0ExtzOEo
The event occurs at about 1 hour 46 minutes into the stream.
He also had another live stream where he discussed his negotiations with local law enforcement on how the event went down: https://www.youtube.com/watch?v=zEn1y9wXmNI&t=3839s
I agree with some of what he says, especially about police training; but in these days of nuts wiping out classrooms, and bars and going postal, and and terrorism and all; I think he needs to give them a break as well. It certainly sounded to me that he didn’t want the police to go into his home, and just like we did with the “Redcoats” during the war for independence, I can see part of that, but I also agree with a lot of what the police were trying to do as well. I think he could cut them some slack – maybe he’s just being obstinate because he wants to sue the police – that is his prerogative, and also how our system works. I think I’ve said enough on the subject for now.
I can easily understand how scared and upset he was at the swatting and intrusive use of police force, but wow, what a pile of white privilege. If he’d been black, Hispnic, Asian, &c. He would have been flat on the ground with his hands zip-tied behind him and no one trying to talk to him rationally. No one needs confrontation with armed police officers, and there is no more hai-trigger situation than a SWAT raid. Here’s hoping the prosecution will reduce the numbers of those crimes.
If some random guy can get the police to show up at someones house, and kill them, there is a problem with law enforcement. Swatting is a problem because the police do not have a measured and reasonable response to these calls. Does anyone know if law enforcement receives any training about the concept of swatting?
Which caller ID spoofer service enabled Swatter Barriss to call from Los Angeles California to Wichita Kansas multiple times during and after the killing? Shouldn’t the caller ID spoofer service have controls or have some responsibility? I wonder.
“… caller [Barriss], whose number bore a local 316 area code…Unaware that the swatting had already gone monstrously awry, Barriss told a …more detailed version of his story: He had shot his father in the head with a black handgun, and he was forcing his mother and little brother, Alex, to stay in a closet in their one-story house. “Yeah, I’m thinking about, um, ’cause I already poured gasoline all over the house, I might just set it on fire,” he said. When the information from the new 911 call was relayed to the officers at 1033 West McCormick Street, the gravity of their error began to dawn on them. There was no scent of gasoline; the house had two stories, not one; and the police hadn’t found a black handgun or any other weapon…” -Wired
Barriss routinely called non-emergency numbers (not 911) at city offices and was eventually forwarded to emergency responders. He did that also in the fatal Kansas swatting. He did this to avoid calling 911, which only is relayed to operators if the caller is in the local vicinity.
I believe Brian Krebs is correct on the methods used by Barriss – purposely not using 911 to sucessflly cause a Swatting. But, still Barriss would have probably called from the 310, 323, 213 or possibly from 562 area code [according to Wikipedia]. So Barriss probably used a spoofed 316 area code number to fool the local Kansas receptionist. Los Angeles California is not close to Kansas. I consider using caller ID spoofers in a criminal action an important part of the crime. Caller ID spoofers should have better legal controls or be liable to some extend to crimes that use caller ID spoofing.
To Sam I disagree. Your Facebook analogy is misleading in this homicide case. Caller ID is a critical link in a lot of Swatting cases. If NBC streamed live TV casts during this homiced NBC would not be considered a link in the crime.
Even Kansas is going to have people with cellphones with out-of-state area codes.
To make my comment clear, Barriss used a spoofed Wichita, Kansas or the Kansas metropolitan area code number of 316 to trick the local Kamas operator into thinking he was not in Los Angeles but in Kamas committing a local murder. Los Angeles is far from Kansas.
Barriss probably used the Log Angles 323 area code to call a VoIP spoofer service to change his seemingly actual location to Kansas and spoof the local 316 Kansas telephone number. Spoofed telephone numbers play an important role in Swatting scams.
Would be unreasonable to punish the provider of the spoofing service he used, similar to blaming Facebook when murders are streamed on their platform.
Except that Facebook isnt a service that facilitates fraud. PTN spoofing is, and should be illegal if it isnt.
And the dragnet spreads! Woe be to the creeps that keep doing this scumbag behavior.
Hi Brian, this isn’t related to this particular case, but i always wonder why these cybercriminals would be dumb enough to register their domain with either:
1) Their real information
2) Fake emails tied to resources tied to their real information
Many of these people had the technological know-how to set up elaborate systems and schemes that could land them in jail for years, but forgot to hide their identities when registering these domains? This is the lowest hanging fruit.. I just don’t buy it.
Do you think it’s possible or common for these people to be using the identities of other people in order to divert attention/frame others?
Many tech criminals are young adults, building upon online identities they had created for innocent recreational activities as kids.
Few children plan ahead for a future in crime. By the point in their lives where they’re willing to experiment with computer crimes, they’ve become attached to the personas they spent years developing.
Adults who get caught with this stuff tend to be as inexperienced as the children, in that they rarely will create a brand new identity to carry out crimes. Instead, they’ll extend an existing identity to experiment in crime, leaving a crucial fingerprint behind for when they descend further.
Most people aren’t evil, even the criminals. Most don’t plan extensively for avoiding capture or for future crimes. That’s why they tend to leave witnesses alive, evidence behind, and traces to follow.
Other countries do not have this problem because you cannot dispatch the police to implement no-knock deadly raids based on a single phone call in any other country. Swatting is terrible thing to do. And the practices of SWAT teams are the root cause.
Hey Brian and everyone else,
this blog got me to start perusing a career in CS. I want to become a capable computer scientist, with emphasis on cyber sec. I started with Introduction to Programming using Java by Eck. There’s so much information out there and I’m suffering from option paralysis. Can someone recommend books that I should absorb and in which sequence to reach a level where I can be hired to gain practical experience?
Thanks in advance.
KOS covered this topic a little while back.
PS, that’s just one in a series that Brian did on that topic. At the bottom of that article is a link to his whole series.