He continued flying that day from Chicago to Syracuse, New York. While en route, United Airlines' Cyber Security Intelligence Department had seen his tweet, which referred to the EICAS system, or Engine Indication and Crew Alerting System.
According to the warrant application, an FBI special agent later examined the first-class cabin where Roberts flew on his way to Chicago. The SEBs under seats 2A and 3A showed signs of tampering.
"The SEB under 2A was damaged," the document said. "The outer cover of the box was open approximately 1/2 inch, and one of the retaining screws was not seated and was exposed."
Roberts told agents that he did not compromise the airplane's network on the flight to Chicago, the warrant application said.
In February and March, the FBI had interviewed Roberts in which he allegedly also told agents he had hacked IFE systems on aircraft before.
Hurley wrote they seized his equipment in Syracuse because "it would endanger public safety to allow him to leave the Syracuse airport that evening with that equipment."
Sign up for CIO Asia eNewsletters.