A local teen named Graham Ivan Clark has been accused of kidnapping dozens of prominent Twitter accounts, authorities say.
Read for 4 minutes
This story originally appeared on PC Mag
The mastermind behind the epic Twitter hack is said to be a 17-year-old from Florida.
On Friday, July 31, the U.S. Department of Justice announced that it had accused three people of kidnapping dozens of VIP Twitter accounts on July 15 to promote Bitcoin fraud. The suspect’s chief suspect, Graham Ivan Clark, was arrested and charged on Friday for orchestrating the hacks, the Hillsborough prosecutor in Tampa, Florida, said.
Image: Hillsborough County Sheriff’s Office
The authorities identified Clark as a suspect with the help of the FBI and the U.S. Department of Justice. “This defendant lives here in Tampa, has committed the crime here, and is being prosecuted here,” said Andrew Warren, Prosecutor of the 13th Judiciary, in today’s announcement.
His office follows Clark because under Florida law, minors can be charged as adults in financial fraud cases. Clark is currently facing 30 crimes, including 17 communication fraud cases and 10 fraudulent use of personal information.
The other two suspects, 19-year-old Mason Sheppard, who lives in the UK, and 22-year-old Nima Fazeli, who lives in Florida, were also accused of participating in the attack.
The FBI cited chat records about Discord, the courier company that the trio reportedly used to coordinate its activities. The Justice Department complaint shows that Clark is behind Discord user “Kirk # 5270” and has sold access to hijacked Twitter accounts.
Kirk # 5270 requested a minimum of $ 1,000 or $ 2,500 for each hijacked account. He then marketed his services on OGUsers.com, an underground forum popular with hackers. In April, however, OGUsers.com membership personal information was released via an overturned database, a copy of which the FBI had received.
The leak allowed federal investigators to identify who was communicating with Kirk # 5270. Subsequent searches of records showed that Sheppard and Fazeli used Coinbase accounts registered in their personal email addresses to facilitate payments.
It was unclear how the perpetrators had access to Twitter’s account management systems. On Thursday, the company blamed a “phone phishing” intrusion program that made some Twitter employees give up their corporate credentials. Security firm Unit221B notes that the COVID 19 pandemic is forcing many people to work from home, making them more vulnerable to phishing attacks.
In response to the arrests, Twitter said, “We appreciate the law enforcement authorities’ swift action on this investigation and will continue to work together as the case progresses. For our part, we focus on being transparent and regularly providing updates. “