A 17-Year-Old Was Responsible For Twitter Hack

August 2, 2020 Off By Rowena Cletus

The massive Twitter hack that occurred on July 15th, which compromised the accounts of prominent celebrities, politicians and companies, was perpetrated by a 17-year old. The San Joe Inside reported that Graham Clark, from Orlando, Florida was responsible for the breach based on recent filings with the Northern District Court of California.

According to the United States Department of Justice, three others were charged as well for their alleged role in the hack. Two of the three are Mason Sheppard, aka “Chaewon,” 19, of Bognor Regis, in the United Kingdom and Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida.

The third defendant, who is a minor, wasn’t named publicly as a means to protect their identity. Sheppard faces conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer. Fazeli has been charged with with aiding and abetting the intentional access of a protected computer.

Useful Links:
Sequence of Events As Reported by Twitter
Twitter Accounts Of Important Political Figures & Companies Hacked

Apparently, Clark managed to fool a Twitter IT employee into providing login credentials to the firm’s customer support system. Clark claimed to be a colleague who forgot said credentials. Once in, he gained access to about 130 Twitter accounts. Said accounts were then used to post fraudulent tweets asking for money.

The public were asked to transfer $1,000 in Bitcoin to an account with the promise of the receiver reciprocating by returning double the value of what was sent. According to the Attorney’s Office of the Attorney’s Office of the Northern District of California, more than 400 transfers were made by unsuspecting victims worth more than $100,000.

Twitter, dumbfounded by the unprecedented hack, blocked access to the compromised accounts until it could grasp the magnitude of the problem. Meanwhile the FBI started an investigation to bring the perpetrators to justice. It involved a joint effort with the IRS-Criminal Investigation Cyber Unit, Secret Service and U.S. Attorney’s Office.

A scam bitcoin account was created to funnel the stolen bitcoin that victims deposited. Washington DC Field Office Cyber Crimes Unit then analyzed the blockchain and de-anonymized bitcoin transactions allowing for the identification of two different hackers. The perpetrators also bragged about their heist on online forums according to a federal complaint.

“Today’s announcement proves that cyber-criminals can no longer hide behind perceived global anonymity,” said Thomas Edwards, Special Agent in Charge, U.S. Secret Service, San Francisco Field Office.

This brings to a close a tumultuous month for Twitter and its users. Once considered one of the more secure social media platforms, the company was left with egg on its face for the complete lack of foresight regarding security measures against social engineering. Now, a great deal of soul-searching is needed as the company tries to piece-together its shattered reputation.

Sources:
Nothern District Court of California
US Department of Justice
San Jose Inside
WFLA.com
Engadget