US federal agencies: Federal Bureau of Investigation (FBI), Internal Revenue Service (IRS), US Secret Service, and Florida state law enforcement body, have arrested three individuals involved in Twitter’s hack.
Graham Clark, 17-year-old boy from Florida, Nima Fazeli, 22-year-old from Orlando, Mason Shepphard, 19-year-old from the United Kingdom, and an unidentified minor from California who admitted to having aided Shepphard in selling access to Twitter accounts have all been apprehended over what is believed to be the biggest hack in Twitter’s history.
On July 15, Twitter experienced a massive hack which saw accounts of public figures: Barack Obama, Joe Biden, Bill Gates, Warren Buffett, Jeff Bezos, Elon Musk, Michael Bloomberg, Floyd Mayweather, Kim Kardashian, Kanye West, and major companies: Apple, Bitcoin, Uber, and bitcoin exchanges Coinbase, Gemini, and Binance compromised in one of the most widespread and confounding breaches the platform has ever seen, all in service of apparent bitcoin promotion scam.
The perpetrators posted a uniform message on the override accounts simultaneously, promising users who remit Bitcoin to an address listed in the tweets a double of their payment in return, a cruel cryptocurrency scam.
The post read: “I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes.”
Twitter then locked verified accounts of high profile individuals and companies that were compromised while promising to fix the intrusion together with conducting a thorough investigation.
Indian Today report that Sheppard known and Chaewon and Fazeli nicknamed Rolex among other aforementioned have been identified to have orchestrated the hack and have been arraigned by US Department of Justice.
It was revealed that Clark had gained access to the internal tool of Twitter by tricking one of the company’s IT department employees into giving him confidential credentials.
An affidavit released by the authorities collectively said that: “Clark then accessed the Twitter accounts of prominent individuals, including VP Joe Biden, former President Barack Obama and business [sic] such as Apple and Coinbase. Clark then posted on their Twitter accounts a communication that if Bitcoins are sent to accounts they will be doubled and returned to the victim.”
The affidavit has also mentioned that Clark got an approximate amount of $117,000 from the bitcoin scam by defrauding the followers of the people whose verified profiles were hacked.
US Authorities revealed that the hackers were traced by their registration details used in setting up their accounts on cryptocurrency platforms were they traded the stolen bitcoins.
According to the federal agencies working the case, Sheppard used his driver’s license for verification on the Binance and Coinbase cryptocurrency exchanges, which were used to trade bitcoins from the scam.
Clark did not take exception, he received payments in bitcoin for selling stolen Twitter credentials with a Coinbase account which he verified using a driver’s license.
Both Sheppard and Clark are charged with fine in the US but other consequences are different. Sheppard has been charged with computer intrusion, wire fraud conspiracy, money laundering conspiracy, and a 20-year jail term for the most serious crime. Clark is charged only with computer intrusion, the fine for which is his punitive consequence.
Twitter has acknowledged the arrests made by the US authorities and revealed more data on how the breach affected the users and what data was stolen if it was. According to the US-based social media giant, 130 accounts were targeted by the breach using the internal tools, 45 of which were bypassed by the hackers and their passwords were reset.
These 45 accounts were then used to send scamming tweets to the followers of the profiles. 36 accounts had their DMs accessed by the hackers while 8 of them had their Twitter archived and downloaded.
Twitter says these 8 accounts were not the verified ones but has not disclosed if such an action will be consequential to the privacy of the individuals who owned these accounts.
The Jack Dorsey-led company also stated measures the company will take in the future, including restoring the accounts who are still locked out, continuing with the investigation internally and with the cooperation of law enforcement, securing the systems further to prevent such hacks in future, and introducing a company-wide training of employees on ongoing phishing and other “social engineering tactics” used by hackers to prevent themselves from being falling prey to them.
