3 Charged in Twitter HackFlorida Teen, 2 Others Charged in Connection With Compromising 130 Accounts
A Florida teenager and a second unidentified individual were arrested and a third man was charged in connection with hacking 130 high-profile Twitter accounts to pull off a cryptocurrency scam, according to the U.S. Justice Department and Florida prosecutors.
Andrew Warren, the state attorney for Hillsborough County, Florida, announced Friday that 17-year-old Graham Ivan Clark of Tampa was arrested at his apartment without incident. He is being charged as an adult with 30 felonies, including organized fraud, communications fraud and identity theft.
Warren called Clark the mastermind behind the hacking scheme, alleging he gained access to the accounts through compromising a Twitter employee and then sold access to those accounts.
"Clark ... stole the identities of prominent people, posted messages in their names directing victims to send bitcoin to accounts associated with Clark, and reaped more than $100,000 in bitcoin in just one day,” Warren says. “As a cryptocurrency, bitcoin is difficult to track and recover if stolen in a scam."
The second arrest was announced Friday by the FBI's San Francisco field office, but no details were released and an FBI spokesperson tells Information Security Media Group that no further comment on the matter will be made at this time.
"Our investigation is ongoing, and there is still more work to yet to do. However, as of today, the FBI and our partners have taken two individuals into custody. They are facing either federal or state criminal charges, including computer intrusion, fraud, money laundering, wire fraud, and identity theft, FBI San Francisco Assistant Special Agent in Charge Sanjay Virmani says.
Nima Fazeli, aka "Rolex," 22, of Orlando, and Mason Sheppard, aka "Chaewon," 19, who is a resident of the U.K., were charged for their alleged roles in the Twitter hack; it's not clear who was arrested Friday. Fazeli is charged with aiding and abetting the intentional access of a protected computer, while Sheppard is charged with conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer, according to U.S. Attorney's Office for Northern District of California, which is overseeing the federal prosecutions.
"Our goal was to identify those responsible, put a stop to their illegal activity, and hold them responsible for these crimes. Today’s arrests represent just the first step for law enforcement. Our investigation will continue to identify anyone else who may have been involved in these crimes," says Virmani.
130 Accounts Compromised
The 130 Twitter accounts were accessed after employees of the social media firm were scammed out of their credentials. Twitter released a blog Thursday that noted a phone-based phishing attack was the first step toward gaining access to the Twitter credentials needed to take over the accounts (see: Twitter Hackers Targeted Employees With Phone Phishing).
The malicious actors used stolen credentials to take over 130 accounts, and then they tweeted from 45 of them, the social media company says. The hackers also accessed the direct message inbox of 36 accounts and downloaded the Twitter data of seven, according to Twitter.
Among the commandeered accounts were those of Microsoft founder Bill Gates, entrepreneur Elon Musk, Dutch lawmaker Geert Wilders and presumptive Democratic presidential nominee Joe Biden. The attackers used these accounts to conduct a brazen campaign designed to solicit money from the account holder's unwary followers.
The scam ended up collecting about $120,000 from 360 people, according to news reports.