A Tampa, Florida teenager has been accused of being the ”mastermind” behind the biggest hack on Twitter and has been placed under arrest.
17-year-old Graham Clark is facing 30 felony charges for “scamming people across America” that includes organized fraud, communications fraud, fraudulent use of personal information, and access to computer or electronic devices without authority.
The charges have been related to the July 15 incident when some of the big accounts including Elon Musk, Bill Gates, Warren Buffett, Joe Biden, Barack Obama, Kanye West among others were hacked to promote a Bitcoin giveaway scam. The scam was able to steal less than 13 BTC worth about $120,000.
“As a cryptocurrency, Bitcoin is difficult to track and recover if stolen in a scam,” the state attorney’s office said. The suspect behind the attack was found by the FBI and US Department of Justice after a “complex, nationwide investigation.”
IT Department Here
Twitter also released a statement thanking law enforcement for their “swift actions” while sharing further details about the attack.
We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly.
For the latest, see here 👇 https://t.co/kHty8TXaly
— Twitter Comms (@TwitterComms) July 31, 2020
A small number of Twitter employees were targeted via a phone spear-phishing attack relying on “a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” read the statement.
A total of 130 Twitter accounts were targeted — the hackers tweeted from 45 accounts, accessing the DM inbox of 36, and downloading the data of 7.
The Tempa teen allegedly convinced a Twitter employee that he worked in the Twitter IT department and tricked them into giving them the credentials, as per an affidavit released late Friday.
Clark will be prosecuted in Florida so he can be charged as an adult, “This was not an ordinary 17-year old,” said the state attorney who added,
“This could have had a massive, massive amount of money stolen from people, it could have destabilized financial markets within America and across the globe.”
“This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country.,”
“This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”
Clark is just one of the three suspects, the other two were identified as 9-year-old Mason Sheppard from the UK and 22-year-old Nima Fazeli from Orlando.
Sheppard was found thanks in part to his driver’s license used to verify himself with crypto exchanges Coinbase and Binance. His accounts were also found to have sent and received some of the scammed BTC.
Similarly, Fazeli used a driver’s license to verify with Coinbase where accounts controlled by him allegedly received payments in exchange for stolen Twitter usernames.
Both are facing $250,000 fine and while Fazeli is facing five years in prison, Sheppard is being charged with wire fraud and money laundering conspiracy as well on top of computer intrusion as such facing a 20-year sentence.