A Florida teenager, who is accused of being the “mastermind” behind the July hacking of social media site Twitter, has been arrested, according to Tampa’s WFLA Channel 8 News site.
17-year-old Graham Clark is facing 30 felony charges for “scamming people across America” with the Twitter hack. He’s been accused of organized fraud, 17 counts of communication fraud, one count of fraudulent use of personal information with over $100,000 or 30 or more victims, 10 counts of fraudulent use of personal information, and one count of access to a computer or electronic device without authority.
The July 15 Twitter hack saw the accounts of multiple prominent companies and individuals taken over, with hackers sharing bitcoin scam images in an attempt to collect money. Apple’s Twitter account was included in the attack.
According to Twitter’s internal investigations, Twitter employees were targeted in a “phone spear phishing attack,” which suggests hackers called some of its staff and tricked them into thinking they were speaking with fellow Twitter employees.
The targeted employees provided access to Twitter’s internal systems, which is how the hackers were able to breach the accounts. Twitter’s internal tools were used to target 130 accounts, and for 45 of those accounts, the hackers used a password reset and had full access to send tweets.
Of the 130 accounts breached, which included the accounts Tesla CEO Elon Musk, former U.S. President Barack Obama, former Microsoft CEO Bill Gates, Amazon CEO Jeff Bezos, and presidential candidate Joe Biden, hackers had access to information like email addresses and phone numbers, plus for some accounts, Direct Messages were accessed.
Hillsborough State Attorney Andrew Warren said that Clark’s scheme earned him more than $100,000 in bitcoin.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here. This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida,” Warren said in a statement. “This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”
In a statement, Twitter said that it appreciated the swift actions of law enforcement agents in Florida.
We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly. For the latest, see here 👇 https://t.co/kHty8TXaly — Twitter Comms (@TwitterComms) July 31, 2020
Twitter earlier today said that it is taking a “hard look” at how to improve its internal tools and systems and has limited access until better security protocols are in place.