We reported on the developments of the worldwide Twitter hack a number of times over the past couple of weeks but now, it seems that the mastermind behind the whole scandal has been caught. A 17-year old Florida-based male named Graham Clark was placed under arrest by multiple law enforcement agencies including the FBI, IRS, and US Secret Service on July 31st on suspicion of orchestrating the scam.
Since Clark was arrested, law enforcement made two similar arrests of 22-year old Orlando-based Nima Fazeli and 19-year old UK-based Mason Sheppard who were apparently accomplices, aiding Clark in illegal proceedings. They’ve not been charged as of writing this article but we will probably get an update in due course.
The affidavit from the prosecution stated this:
To wit: Clark without authorization gain [sic] access to Twitter Inc.’s Customer Service Portal. Clark used social engineering to convince a Twitter employee that he was a co-worker in the IT department and had the employee provide credentials to access the customer service portal.
Clark then accessed the Twitter accounts of prominent individuals, including VP Joe Biden, former President Barack Obama and business [sic] such as Apple and Coinbase. Clark then posted on their Twitter accounts a communication that if Bitcoins are sent to accounts they will be doubled and returned to the victim. Clark did not return the funds and he moved the funds to another account. 10 prominent people had their personal identification information in the form of a verified [sic] Twitter Account use without consent be used [sic] in the fraudulent activity. Clark received approximately $117,000 during the commission of his scheme to defraud.
Clark, himself, is being charged as an adult with the state attorney Andrew Warren implying that this was not the work of “an ordinary 17-year old,” with the later press conference implying that even though the $100,000 in Bitcoin that was stolen was a large sum if it went further, there could have been massive effects on financial markets.
“This could have had a massive, massive amount of money stolen from people, it could have destabilized financial markets within America and across the globe; because he had access to powerful politicians’ Twitter accounts, he could have undermined politics as well as international diplomacy,”
“This is not a game… these are serious crimes with serious consequences, and if you think you can rip people off online and get away with it, you’ll be in for a rude awakening, a rude awakening that comes in the form of a 6 AM knock on your door from federal agents,”
Strong words from Warren, maybe in an effort to deter any other young hackers out there trying to get their hands on some trace-free cash.
While Twitter has been relatively quiet on the whole matter, they did make this statement in the form of a tweet upon Clark’s arrest which implies they will be providing further information as it develops for full transparency:
“We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly.”
We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly.
For the latest, see here 👇 https://t.co/kHty8TXaly
— Twitter Comms (@TwitterComms) July 31, 2020
While ethical hacking might be fun and all to those of a younger generation, using those skills in an unethical manner, not only stealing money but also accessing an individual’s private information, is, unfortunately, a federal offense and will see you being put in jail for quite some time. Thankfully, Clark, in this case, was stopped before even more funds were accessed and if not, as Warren alluded to, it could’ve had big impacts on the financial markets.