Florida Teen Charged As ‘Mastermind’ Of Massive Twitter Hack

0
94
The Twitter logo is seen on a phone in this photo illustration in Washington, DC, on July 10, 2019. - Twitter is moving to filter out inappropriate content based on religion as part of its effort to curb hate speech. In a policy update on July 9, 2019, Twitter said it would take down "dehumanizing language" that targets specific religious groups.Examples shown by Twitter that would be removed would be description of a members of a religion as "disgusting" or "filthy animals." (Photo by Alastair Pike / AFP) (Photo credit should read ALASTAIR PIKE/AFP via Getty Images)

Florida prosecutors have charged a teenager with being the “mastermind” of a hack that targeted some of Twitter’s best-known accounts and, prosecutors said, scammed more than $100,000 in Bitcoin from duped users.

Two other people were also charged by federal prosecutors over their alleged involvement in the July 15 hack, which involved the accounts of the social media network’s richest and most famous users, including former President Barack Obama, presumptive Democratic presidential nominee Joe Biden, Amazon CEO Jeff Bezos and rapper Kanye West.

TECHNOLOGY
Twitter Says It Was The Victim Of A ‘Coordinated Social Engineering Attack’
Federal agents arrested Graham Ivan Clark, a 17-year-old Tampa resident, on Friday morning after a nationwide investigation by the FBI and Department of Justice, according to the state attorney’s office in Hillsborough County, Florida. He is facing 30 felony charges. (360aproko is naming Clark because he is being charged under Florida state law as an adult.)

“Clark hacked into the Twitter accounts of famous people and celebrities, but they were not the primary victims. This ‘Bit-Con’ was designed to defraud money from regular Americans from across the country and here in Florida,” Hillsborough County State Attorney Andrew Warren said at a press conference Friday.

The Twitter profiles were used to post messages asking their millions of followers to send Bitcoin to accounts associated with Clark, Warren said. The messages promised the senders that their payments would be doubled — which never happened. Clark also sold access to some of the accounts, according to Warren.

Clark “reaped over $100,000 in Bitcoin in just one day,” Warren said. “He’s a 17-year-old kid who apparently just graduated high school, but make no mistake: This was not an ordinary 17-year-old. This was a highly sophisticated attack on a magnitude not seen before.”

Clark faces 17 counts of communications fraud, one count of organized fraud, one count of fraudulent use of personal information with over $100,000 or 30 or more victims, 10 counts of fraudulent use of personal information, and one count of accessing a computer or electronic device without authority.

TECHNOLOGY
As Authorities Probe Twitter Hack, Ex-FBI Officials Warns: ‘Get Ready For Copycats’
Warren said Clark was being charged in Florida rather than by federal prosecutors because state law allows minors to be charged as adults in financial fraud cases “when appropriate.”

Separately, the U.S. Attorney’s Office for the Northern District of California charged Mason Sheppard, a 19-year-old in the U.K., and Nima Fazeli, 22, of Orlando, Fla., with roles in the hack.

Sheppard was charged with conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer. Fazeli was charged with aiding and abetting the intentional access of a protected computer.

Twitter said in a statement: “We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.”

The attack — thought to be the largest and most coordinated in Twitter’s history — has exposed vulnerabilities on the platform, which is a major communications channel for news outlets, companies, celebrities and politicians, including President Donald Trump.

Twitter said on Thursday that a “small number of employees” were targeted in a “phone spear phishing attack” — where hackers trick people into handing over passwords or other credentials. Once the attackers got those credentials, they were able to use Twitter’s account support tools to gain access to user accounts.

The attack targeted 130 Twitter accounts, tweeted from 45 of them, accessed the direct messages of 36 and downloaded data from seven accounts, the company said.

Twitter said it has “significantly limited” access to internal tools and is “improving our methods for detecting and preventing inappropriate access to our internal systems.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here