3 charged in massive Twitter hack, Bitcoin scam




 

MIAMI (AP) - A British man, a Florida man and a Florida teen hacked the Twitter accounts of prominent politicians, celebrities and technology moguls to scam people around globe out of more than $100,000 in Bitcoin, authorities said Friday.

Graham Ivan Clark, 17, was arrested Friday in Tampa, where the Hillsborough State Attorney's Office will prosecute him as adult. He faces 30 felony charges, according to a news release. Mason Sheppard, 19, of Bognor Regis, U.K., and Nima Fazeli, 22, of Orlando, were charged in California federal court.

In one of the most high-profile security breaches in recent years, hackers sent out bogus tweets on July 15 from the accounts of Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

The tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

"There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence," U.S. Attorney David L. Anderson for the Northern District of California said in a news release. "Today's charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived."

Although the case against the teen was also investigated by the FBI and the U.S. Department of Justice, Hillsborough State Attorney Andrew Warren explained that his office is prosecuting Clark in Florida state court because Florida law allows minors to be charged as adults in financial fraud cases such as this when appropriate.

"This defendant lives here in Tampa, he committed the crime here, and he'll be prosecuted here," Warren said.

Twitter previously said hackers used the phone to fool the social media company's employees into giving them access. It said hackers targeted "a small number of employees through a phone spear-phishing attack."

"This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," the company tweeted.

After stealing employee credentials and getting into Twitter's systems, the hackers were able to target other employees who had access to account support tools, the company said.

The hackers targeted 130 accounts. They managed to tweet from 45 accounts, access the direct message inboxes of 36, and download the Twitter data from seven. Dutch anti-Islam lawmaker Geert Wilders has said his inbox was among those accessed.

Internal Revenue Service investigators in Washington, D.C., were able to identify two of the hackers by analyzing Bitcoin transactions on the blockchain - the ledger where transactions are recorded - including ones the hackers attempted to keep anonymous, federal prosecutors said.

Spear-phishing is a more targeted version of phishing, an impersonation scam that uses email or other electronic communications to deceive recipients into handing over sensitive information.

Twitter said it would provide a more detailed report later "given the ongoing law enforcement investigation."

The company has previously said the incident was a "coordinated social engineering attack" that targeted some of its employees with access to internal systems and tools. It didn't provide any more information about how the attack was carried out, but the details released so far suggest the hackers started by using the old-fashioned method of talking their way past security.

British cybersecurity analyst Graham Cluley said his guess was that a targeted Twitter employee or contractor received a message by phone asking them to call a number.

"When the worker called the number they might have been taken to a convincing (but fake) helpdesk operator, who was then able to use social engineering techniques to trick the intended victim into handing over their credentials," Clulely wrote Friday on his blog.

It's also possible the hackers pretended to call from the company's legitimate help line by spoofing the number, he said.

Hillsborough County court records didn't list an attorney for Clark, and federal court records didn't list attorneys for Sheppard or Fazeli.

___

Associated Press Writer Kelvin Chan in London contributed to this report.

COMMENTS

More Related News

Bitcoin and Ethereum crash by more than 12% in 6 minutes as more than $1B of positions gets liquidated
Bitcoin and Ethereum crash by more than 12% in 6 minutes as more than $1B of positions gets liquidated

Bitcoin and Ethereum crashed by 12% and 20% respectively in about 6 minutes as more than $1 billion of positions were liquidated. Bitcoin's price went from $11,930 to $10,550. By press time, the price has now recovered to about $11,400. Ethereum crashed from $408 to $326. By press time, the price has now recovered to […]The post Bitcoin and Ethereum crash by more than 12% in 6 minutes as more than $1B of positions gets liquidated appeared first on The Block.

SpaceX is about to win a high-stakes game of capture the flag that Barack Obama started 9 years ago
SpaceX is about to win a high-stakes game of capture the flag that Barack Obama started 9 years ago

On the International Space Station, the American flag that SpaceX claimed has a note: "Do not forget to take with Crew Dragon."

British teenager charged with hacking Twitter celebrities faces extradition to the US
British teenager charged with hacking Twitter celebrities faces extradition to the US
  • US
  • 2020-08-01 18:15:25Z

A British teenager charged with hacking Twitter had his home searched by the National Crime Agency and is likely to face extradition to the US, the Sunday Telegraph can reveal. Mason Sheppard, a 19-year-old from Bognor Regis, was one of three people charged by the US Department of Justice on Friday night over an alleged cyber scam that saw the accounts of various celebrities hijacked last month. Sources told the Sunday Telegraph Mr Sheppard, who is said to go by the codename 'Chaewon', could face extradition if prosecutors in the US put in a request. However, he has not been arrested by officers in Britain, who are assisting in their investigation. Mr Sheppard is in a long line of British...

Bitcoin Crosses $11,400 Mark, Beats Major Indexes In July Gains
Bitcoin Crosses $11,400 Mark, Beats Major Indexes In July Gains

Bitcoin on Friday crossed the $11,460 mark, its highest July peak in eight years. The cryptocurrency gained about 23% in July. What To Know: Analysts said the spike could be an outcome from the directive of U.S. officials that allowed all nationally chartered banks to open and maintain crypto wallets for their customers."There's definitely a more bullish sentiment since that announcement came out and as we've all seen, has resulted in an upward movement," Michael Rabkin, head of institutional sales at DV Chain, told Coin Desk.A positive news cycle on the crypto market is boosting the market, he said. According to various sources and DeFi Pulse, funds on Defi Platforms stands at...

Who could be Joe Biden
Who could be Joe Biden's running mate?

There are a lot of talented female politicians in the running - and they each have a special power.

Leave a Comment

Your email address will not be published. Required fields are marked with *

Cancel reply

Comments

Top News: Economy