Florida Teen Accused Of Masterminding Unprecedented Twitter Hack And $120,000 Bitcoin Scam

The culprits of the high-profile Twitter hack that occurred just over two weeks ago have been apprehended, and the ringleader is actually 17-year-old Graham Clark from Tampa, Florida. The teenager also had two accomplices: 22-year-old Nima Fazeli from Orlando, Florida and 19-year-old Mason Sheppard from the United Kingdom.  

On July 15th, the Twitter accounts of some big-name celebrities and companies were hacked including Elon Musk, Kanye West, Joe Biden, Bill Gates and Apple. It was later reported by Twitter that 130 total accounts were targeted, and tweets were sent out from 45 of those accounts in connection with a Bitcoin scam that garnered the culprits around $120,000. Clark is being charged with 30 felony counts including wire fraud, communications fraud, and hacking. The most serious charges carry with them a $250,000 fine.  

“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here,” said Hillsborough State Attorney Warren said. “This Bitcoin was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”

“This could have had a massive, massive amount of money stolen from people, it could have destabilized financial markets within America and across the globe; because he had access to powerful politicians’ Twitter accounts, he could have undermined politics as well as international diplomacy,” Warred added.

Apprehending the culprits was a joint effort that involved the US Attorney's Office for the Northern District of California, FBI, IRS, Secret Service and Florida law enforcement officials. 

For its part, Twitter provided more detail today in an update to its running blog regarding the hack. “The social engineering [targeted] a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools.

“Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools.”

In the wake of this embarrassing security incident, Twitter says that it has “significantly limited access” to its internal tools and has invested in “increased security protocols, techniques and mechanisms.”