A British man, a Florida man, and a Florida teen were identified as hackers on Friday by the authorities, who took over Twitter accounts from prominent politicians, celebrities, and technology goggles earlier this month to help people around the world from more than $ 100,000 – Cheat dollars in Bitcoin.
17-year-old Graham Ivan Clark was arrested on Friday in Tampa, where the Hillsborough prosecutor's office will prosecute him as an adult. According to a press release, he faces 30 crimes. Mason Sheppard (19) from Bognor Regis (Great Britain) and Nima Fazeli (22) from Orlando were indicted in a federal court in California.
In one of the best-known security breaches in recent years, hackers sent false tweets from the reports of Barack Obama, Joe Biden, Mike Bloomberg, and a number of tech billionaires on July 15, including Amazon CEO Jeff Bezos and Microsoft co-founder Bill Gates and Elon Musk, CEO of Tesla. Celebrities Kanye West and his wife Kim Kardashian West were also hacked.
The tweets offered to send $ 2,000 for every $ 1,000 sent to an anonymous Bitcoin address.
"There is a false belief within the criminal hacker community that attacks like the Twitter hack can be carried out anonymously and without consequence," said Northern District of California attorney David L. Anderson in a press release. "Today's announcement of the indictment shows that enthusiasm for shameful hacking into a safe environment for fun or profit will be short-lived."
Although the case against the juvenile was also investigated by the FBI and the U.S. Department of Justice, Hillsborough prosecutor Andrew Warren said that his office was being prosecuted in a Florida court because of Florida law regarding minors in financial fraud cases Adults may be accused of this as the case may be. He added that Clark was the leader of the hacking scam.
"This defendant lives here in Tampa, he committed the crime here and is being prosecuted here," said Warren.
Security experts were not surprised that the hack's alleged mastermind was 17, as both the operation and hackers' willingness to subsequently discuss the hack with reporters online are relatively amateurish.
"I think this is a great case study that shows how technology democratizes the ability to commit serious crimes," said Jake Williams, founder of the cyber security company Rendition Infosec. "I'm not particularly surprised that at least one of the suspects is a minor. There hasn't been much development for this attack."
Williams said the hackers were "extremely sloppy" in how they moved Bitcoin.
He also said he had a conflict over whether Clark should be charged as an adult.
"He definitely deserved to pay (to take the opportunity), but spending decades in prison may not seem fair in this case," said William.
Twitter previously said hackers used the phone to get the social media company's employees to give them access. Hackers were said to have "attacked a small number of employees through a telephone spear phishing attack."
"This attack was based on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," the company tweeted.
After stealing employee credentials and accessing Twitter's systems, the hackers were able to target other employees who had access to account support tools.
The hackers targeted 130 accounts. They managed to tweet from 45 accounts, access the inbox of 36 direct messages, and download Twitter data from seven. Dutch anti-Islam lawmaker Geert Wilders said his inbox was among those that were accessed.
Internal Revenue Service investigators in Washington, DC, identified two of the hackers by analyzing Bitcoin transactions on the blockchain – the general ledger that records transactions – including those that the hackers wanted to keep anonymous, the prosecutor said .
Spear-Phishing is a more targeted version of phishing, an impersonation fraud that uses email or other electronic communications to trick recipients into disclosing confidential information.
Twitter said it would provide a more detailed report later, "given the ongoing law enforcement investigation."
The company previously said the incident was a “coordinated social engineering attack” that attacked some of its employees with access to internal systems and tools. There was no further information on how the attack was carried out, but the details released so far indicate that the hackers initially used the old-fashioned method to talk past security.
British cybersecurity analyst Graham Cluley suspected that a targeted Twitter employee or contractor had received a phone message asking him to call a number.
"When the worker called the number, he may have been taken to a persuasive (but fake) help desk employee who could then use social engineering techniques to trick the intended victim into handing over his credentials," Clulely wrote in Friday his blog.
It's also possible that the hackers pretended to call the company's legitimate hotline by spoofing the number, he said.
Fazeli's father said on Friday that he hadn't been able to speak to his son since Thursday.
"I am 100% sure that my son is innocent," said Mohamad Fazeli. "He is a very good person, very honest, very smart and loyal."
"We are as shocked as everyone else," he said over the phone. "I'm sure it's a mix up."
Attempts to reach relatives of the other two were not immediately successful. There was no lawyer for Clark in the Hillsborough County court files, and there were no lawyers for Sheppard or Fazeli in the federal records.
Associated press writers Kelvin Chan in London, Matt O & # 39; Brien in Providence, Rhode Island and Frank Bajak in Boston contributed to this report.