Florida teen arrested in Twitter hack

Twitter says 'social engineering' let hackers access verified accounts for Bitcoin scam

The 19-year-old Mason Sheppard (aka "Chaewon") of the United Kingdom was charged in a criminal complaint in the Northern District of California with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer. Thankfully, the Federal Bureau of Investigation and the U.S. Department of Justice were able to bring the hackers into custody in a matter of weeks, after conducting a nationwide investigation.

Graham Ivan Clark, 17, allegedly hijacked 130 Twitter accounts as part of a cryptocurrency scam, according to a criminal affidavit filed in Tampa, Florida.

The name of the third defendant was not disclosed by the feds to "protect the identity of the juvenile", despite the fact that in its press-release, the Florida-based Hillsborough State Attorney Office reveal the name of the 17-year-old defendant. He has been charged with 30 felonies, including 17 counts of communications fraud, 10 counts of fraudulent use of personal information and one count of organized fraud.

The big picture: Twitter announced Thursday that the attack "targeted a small number of employees through a phone spear phishing attack".

Clark faces 30 counts of fraud and unauthorized access of a device related to taking over accounts of prominent celebrities and brands, including Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos and Apple and Uber. He said Clark took "over $100,000 in Bitcoin in just one day".

As per the US Department of Justice, the scam bitcoin account that was mentioned in the fraudulent tweets got transfers worth over $100,000 from more than 400 transactions.

"Chaewon", an alleged alias of Sheppard's, posted an OGUser thread entitled, "Pulling email for any Twitter/Taking Requests". From there, they moved to compromise 130 Twitter accounts, tweeted from 45 of them, accessed the DM inbox of 36, and downloaded the data of seven.

In one instance, according to the federal complaint, a user named Kirk#5270 said in an online forum, "I work for Twitter".

The alleged mastermind behind the July 15 hack of Twitter accounts of business titans, celebrities and a former president didn't need sophisticated hacking tools to pierce the company's security system. He added that Chaewon/Ever So Anxious also was known as "Mason".

Twitter said it will be slower to respond to account support needs, reported tweets, and applications to its developer platform. PlugWalkJoe is pictured here chatting with Ever So Anxious/Chaewon/Mason using his Discord username "Beyond Insane". Attempting to use Coinbase to receive stolen Bitcoin from such a high profile security incident was an unfortunate decision, if not a straight out stupid move. "I can't comment on whether he worked alone", Warren said. Kirk had offered him and Sheppard, who goes by the name "ever so anxious", to serve as middlemen in the sale of a collection of much coveted "OG" Twitter handles, for which he said they could take a cut.

Related:

Comments


Other news