Henry Iheanacho August 1, 2020.
The 17-year-old boy who orchestrated and executed a scam which targeted the accounts of celebrities and personalities, including former President, Barack Obama, Bill Gates and Elon Musk has been arrested and charged along with Two others.
Recall that verified Twitter accounts of personalities posted the same message which asked people to send Bitcoin and they would get double your money in return. Kanye West, Elon Musk, Bill Gates, Joe Biden, Barack Obama and dozens of others were hacked, and it raised questions about the strength of security provided by Twitter and other tech companies.
Police authorities on Friday, allayed fears that the hack was the work of professionals, stating that the “mastermind” of one of the most high-profile hacks in recent years was a 17-year-old recent high school graduate from Florida.
The culprit, Graham Ivan Clark was arrested in his Tampa apartment, where he lived by himself, early Friday, state officials said. He faces 30 felony charges in the hack, including fraud, and is being charged as an adult.
Two other people, Mason John Sheppard, 19, of the United Kingdom, and Nima Fazeli, 22, of Orlando, Fla., were accused of helping Mr. Clark during the takeover. Prosecutors said the two appeared to have aided the central figure in the attack, who went by the name Kirk.
Documents released on Friday do not provide the real identity of Kirk, but they suggest that it was Mr. Clark. Mr. Clark was skilled enough to go unnoticed inside Twitter’s network, said Andrew Warren, the Florida state attorney handling the case. “This was not an ordinary 17-year-old,” Mr. Warren said despite video evidence Mr. Clark convinced one of the company’s employees that he was a co-worker in the technology department who needed the employee’s credentials to access the customer service portal, a criminal affidavit from Florida said.
More on Number Systems
By the time the hackers were done, they had broken into 130 accounts and raised significant new questions about Twitter’s security. Despite the hackers’ cleverness, their plan quickly fell apart, according to court documents.
They left hints about their real identities and scrambled to hide the money they’d made once the hack became public. Their mistakes allowed law enforcement to quickly track them down.
Less than a week after the incident, federal agents, search warrant in hand, went to a home in Northern California, according to the documents. There, they interviewed another youngster who admitted participating in the scheme. The individual, who is not named in the documents because he or she is a minor, gave authorities information that helped them identify Mr. Sheppard and said that Mr. Sheppard had discussed turning himself in to law enforcement.
Because Mr. Clark is under 18, he was charged by the Florida state attorney in Tampa, rather than by federal authorities. His age also means that many details of his case are being kept under wraps. Federal authorities were already tracking Mr. Clark’s online activity before the Twitter hack, according to legal documents. In April, the Secret Service seized over $700,000 worth of Bitcoin from him, but it was unclear why.
The documents released on Friday largely repeat what several hackers involved in the attack told The New York Times two weeks ago: The hack began early on July 15 as a quiet scheme to steal and sell unusual user names
But as the day wore on, the attack, led by Kirk, took over dozens of accounts belonging to cryptocurrency companies and celebrities. Bitcoin flowed into the hackers’ accounts. The scheme netted Bitcoin worth more than $180,000, according to a New York Times estimate.
A special agent with an Internal Revenue Service investigative unit said in a court filing that Mr. Sheppard participated in the hack while using the screen name “ever so anxious.” A person using that name told The Times a few days after the attack that he got involved because he wanted to acquire unique Twitter user names.
“i just kinda found it cool having a username that other people would want,” “ever so anxious” said in a chat with The Times. He ultimately brokered the sale of at least 10 addresses, such as @drug, @w and @L, according to the indictment against him. Mr. Fazeli is also accused of serving as a middleman, helping to sell stolen Twitter accounts on the day of the attack under the user name “Rolex.” But the indictment provides few details on Mr. Fazeli’s work as a middleman.
By the time Twitter finally managed to stop the attack, the hackers had tweeted from 45 of the accounts they had broken into, gained access to the direct messages of 36 accounts, and downloaded full information from seven accounts,” the company said.
Mr. Fazeli and Mr. Clark were arrested on Friday. Mr. Sheppard has not been arrested but is expected to be taken into custody, the F.B.I. said. “While investigations into cyber breaches can sometimes take years, our investigators were able to bring these hackers into custody in a matter of weeks,” said John Bennett, a special agent in charge with the F.B.I. The investigation is still underway and it is possible there will be additional arrests, a bureau spokeswoman said.
The young men who participated in the breach come from a loose-knit community of hackers who focus on account takeovers, cyber-security experts said. Using a practice known as SIM-swapping, they often target telecom companies to compromise victims’ phone numbers and intercept login credentials.
The attackers targeted Twitter employees, stealing their account credentials in order to gain access to an internal system that allowed them to reset the passwords of most Twitter users. (Some users, like President Trump, have extra security on their accounts to prevent takeovers.) Allison Nixon, the chief research officer of the security firm Unit 221B said; “These people come trained to be efficient and creative at their attack methods, they’ve realized there’s this world of soft targets.”
These hackers often focus on financial fraud, but their ability to gain access to the accounts of political figures could attract new and dangerous customers”. “One of the things that concerns me is that, as these actors continue to refine their techniques and learn, they’re going to realize that there are other customers who will pay a lot more for things other than a single-character user name,” she said.
“I don’t think they’ve even scratched the surface of how much damage they could cause.” In a statement, Twitter thanked law enforcement for its “swift actions” and said it would continue to cooperate with the investigation.