- The Twitter hack - what happened?
- Recent updates and arrests
- Suspect information
- Young mastermind
Remember the Twitter hack that took place last month, in which cybercriminals stole more than $100,000? Well, it seems the authorities have finally caught the culprits, and the mastermind behind the attack has just graduated high school.
Graham Ivan Clark, a 17-year-old from Florida, allegedly hacked into high-profile Twitter accounts and posted on their behalf. He scammed people into sending him Bitcoin payments, offering to double any amount he receives. The verified accounts included prominent names like former US President Barack Obama, Amazon CEO Jeff Bezos, and Tesla CEO Elon Musk.
The boy pleaded not guilty to all 30 charges against him. But if convicted, he could face many years behind bars because Florida law is more flexible when prosecuting minors. The authorities also charged Mason Sheppard, 19, and Nima Fazeli, 22, for aiding Clark in his attack.
The Twitter Hack
On July 15, several high-profile Twitter users tweeted pretty much the same thing: We are willing to double any Bitcoin amount you send over the next 30 minutes. Had unknown people posted this message, no one would have bought it. But since it came from the likes of Jeff Bezos, Elon Musk, Bill Gates, Mike Bloomberg, Barack Obama, Joe Biden, Kim Kardashian, and Kanye West, it had to be true, right?
Wrong! All these accounts were unknowingly part of a scam that aimed to trick victims into sending Bitcoins. And even though Twitter quickly detected and deleted the tweets, over $100,000 were stolen, blockchain records showed. After all, these prominent users have millions of followers.
In addition to removing the tweets, Twitter blocked every verified user on its platform from posting. Furthermore, it locked the compromised accounts and denied all password resets. Later on, the company revealed that the coordinated attack targeted employees who had access to “internal systems and tools.” Cybercriminals used these tools to infiltrate Twitter’ s defenses and launch their scam.
That’s all the available information at the time.
Arrests and Updates
Just two weeks after the Twitter hack, the authorities apprehended three suspects. And the supposed mastermind of the operation is a teenager who just graduated high school. 17-year-old Graham Clark managed to get his hands on 130 Twitter accounts with a blue tick, and it was like stealing candy from a baby.
Clark didn’t resort to advanced malware or hacking techniques to breach the social platform’s systems. According to the authorities, all he had to do was convince a Twitter IT employee that he was a coworker who needed login credentials to access the customer support platform. Then, the teen went on a hacking spree, using high-profile accounts to execute his scam.
Law enforcement agencies charged him with 30 felonies, including communications fraud and fraudulent use of personal information. Despite the FBI and the Department of Justice‘s involvement in the case, the authorities will prosecute under Florida law, rather than federal.
“Florida law allows us greater flexibility to charge a minor as an adult in a financial fraud case.”Andrew Warren, Hillsborough State Attorney
Federal authorities also arrested and charged two others who supposedly aided Clark in his scam. Mason Sheppard, a 19-year-old from the UK, faces 45 years in prison if found guilty. State attorneys accused him of conspiracy to commit wire fraud and money laundering, as well as intentional access of a protected computer.
Meanwhile, Nima Fazeli, 22, of Orlando allegedly aided and abetted the intentional access of a protected computer. He could face five years in federal prison.
What Do We Know About the Suspects?
It’s still quite astonishing how a teenager allegedly managed to pull off an attack on one of the most popular social media platforms. This isn’t the first time Twitter fell victim to cyberattacks, with hackers using it to execute scams. Cybersecurity experts previously questioned the company’s security and defense systems, but this breach was on a whole new level.
And according to former Twitter security employees, too many people have access to user accounts, including third-party contractors. They added that the company is stalling to introduce security updates, although Twitter refuted these claims.
Law enforcement agencies claim that the suspects are part of an underground hacking subculture called “OGUsers.” They steal, buy, and sell online accounts with short usernames, worth thousands of dollars in cryptocurrency. Usernames like “@6” or “@dark” are hot commodities.
Cybercriminals in this community focus on social engineering rather than traditional hacking. That means they have outstanding skills in impersonating official and legitimate figures and deceiving victims. These methods work well in hijacking credit card credentials and social media accounts. But no one has ever pulled off such a widespread attack.
On July 30, Twitter admitted that hackers tricked its employees into giving away sensitive data over the phone. It added that it would limit access to internal tools until there’s a better understanding of the attack’s effects. Moreover, the company will strengthen its security protocols to make them more impenetrable.
A Hacker from an Early Stage
According to fellow hacker Logan Derouanna, Clark began his hacking career before he was even a teenager. The 19-year-old, who claims that he is no longer part of the OGUser community, said that Clark hacked into his Instagram account when he was just 11. All it took was pressing a link that Clark sent him, and just like that, he was in. Two other hackers also confirmed that Clark entered the hacking scene since at least 2014.
However, the defendant’s mother, Emiliya Clark, believes her son is innocent. She told NBC News that she talked to her son every day since the arrest, and she thinks he didn’t do it. Another parent who is also certain of his child’s innocence is Fazeli’s father. He told The Associated Press that his son is “a very good person, very honest, very smart and loyal.”
“We are as shocked as everybody else. I’m sure this is a mix up.”Mohamad Fazeli, Father of Nima Fazeli