Florida Teen, Two Others Charged In Elaborate Twitter Hack

The 17-year-old, identified by a Tampa television station, faces 30 felony counts of fraud related to the hack of the accounts of high-profile celebrities and brands. Federal authorities also charged two alleged conspirators with participating in the scam that yielded $100,000 in Bitcoin in just two hours

State prosecutors have charged a Florida teenager with being the main force behind the recent hack of high-profile Twitter accounts, according to a news station in Tampa, Fla.

Graham Clark, 17, was arrested Friday morning for the July 15 breach orchestrated through a social engineering attack on Twitter employees.

Clark faces 30 counts of fraud and unauthorized access of a device related to taking over accounts of prominent celebrities and brands, including Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos and Apple and Uber.

Two other men were also charged in connection with the crime in a federal court in San Francisco, said United States Attorney David L. Anderson in the Norther District of California,

Mason Sheppard, aka “Chaewon,” a 19-year-old from Bognor Regis, UK, was charged with conspiracy to commit wire fraud and money laundering, as well as intentional access of a protected computer. Nima Fazeli, aka “Rolex,” a 22-year-old from Orlando, was charged with helping access the protected computer.

Federal authorities said they would not identify another conspirator because he is a minor.

In all, some 130 Twitter accounts of politicians, celebrities, and musicians, were compromised, the U.S. Justice Department said.

The phony tweets solicited bitcoin transfers, and authorities believe conspirators netted more than $100,000 in the cryptocurrency while operational for two hours.

[Related: Square, Twitter Co-founder Jack Dorsey Pledges $1B To Coronavirus Relief]

In response to the swift arrests, Twitter tweeted later in the day: “We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly.”

In a criminal complaint filed by the Hillsborough State Attorney, Clark was accused of “scamming people across America.”

The hackers posted messages, posing as those prominent people and companies, that urged their followers to send Bitcoin to accounts associated with Clark, according to the complaint.

The San Francisco-based social media giant said there’s no evidence the hackers actually accessed passwords of its users in the massive breach, and for that reason, didn’t recommend resetting passwords.

As part of its incident response, Twitter did briefly lock down any accounts that had attempted a password change during the past 30 days, the @TwitterSupport team tweeted.

The malicious posts began appearing shortly after the market closed that Wednesday. Later that day, Twitter disclosed that threat actors successfully targeted its staffers to gain access to internal systems and tools.

“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter posted a day later.

“By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts - Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.”

Twitter said it has accelerated several pre-existing security workstreams and improvements to its tools in response.

“We are also improving our methods for detecting and preventing inappropriate access to our internal systems and prioritizing security work across many of our teams,” the @TwitterSupport team tweeted.