Florida Teen Charged As ‘Mastermind’ Of Massive Twitter Hack

Florida prosecutors have charged a teenager with being the “mastermind” of a hack that targeted some of Twitter’s best-known accounts and, prosecutors say, scammed more than $100,000 in Bitcoin from duped users.

Two other people were also charged by federal prosecutors for their alleged involvement in the July 15 hack, which involved the accounts of the social media network’s richest and most famous users, including former President Barack Obama, presumptive Democratic presidential nominee Joe Biden, Amazon CEO Jeff Bezos and rapper Kanye West.

Federal agents arrested Graham Ivan Clark, a 17-year-old Tampa resident, on Friday morning after a nationwide investigation by the FBI and Department of Justice, according to the state attorney’s office in Hillsborough County, Florida. He is facing 30 felony charges. (NPR is naming Clark because he is being charged under Florida state law as an adult.)

“Clark hacked into the Twitter accounts of famous people and celebrities, but they were not the primary victims. This ‘Bit-Con’ was designed to defraud money from regular Americans from across the country and here in Florida,” Hillsborough County State Attorney Andrew Warren said at a press conference on Friday.

The Twitter profiles were used to post messages asking their millions of followers to send Bitcoin to accounts associated with Clark. The messages promised the senders that their payments would be doubled — which never happened. Clark also sold access to some of the accounts, Warren said.

Clark “reaped over $100,000 in Bitcoin in just one day,” Warren said. “He’s a 17-year-old kid who apparently just graduated high school, but make no mistake: this was not an ordinary 17-year-old. This was a highly sophisticated attack on a magnitude not seen before.”

Clark faces 17 counts of communications fraud, one count of organized fraud, one count of fraudulent use of personal information with over $100,000 or 30 or more victims, 10 counts of fraudulent use of personal information, and one count of accusing a computer or electronic device without authority.

Warren said Clark was being charged in Florida rather than by federal prosecutors because state law allows minors to be charged as adults in financial fraud cases “when appropriate.”

Separately, the U.S. attorney’s office in the northern district of California charged Mason Sheppard, a 19-year-old in the U.K., and Nima Fazeli, 22, of Orlando, Florida, with roles in the hack.

Sheppard was charged with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer. Fazeli was charged with aiding and abetting the intentional access of a protected computer.

Twitter said in a statement: “We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.”

The attack — thought to be the largest and most coordinated in Twitter’s history — has exposed vulnerabilities on the platform, which is a major communications channel for news outlets, companies, celebrities and politicians including President Donald Trump.

Twitter said on Thursday a “small number of employees” were targeted in a phone spear phishing attack — where hackers trick people into handing over passwords or other credentials. Once the attackers got those credentials, they were able to use Twitter’s account support tools to gain access to user accounts.

The attack targeted 130 Twitter accounts, tweeted from 45 of them, accessed the direct messages of 36 and downloaded data from 7 accounts, the company said.

Twitter said it has “significantly limited” access to internal tools and is “improving our methods for detecting and preventing inappropriate access to our internal systems.”

Copyright 2020 NPR. To see more, visit https://www.npr.org.