A 17 year old Florida teenager dubbed “the mastermind,” has been been arrested and charged along with 3 others in connection with a massive security breach targeting some of the most prominent names on Twitter.
In July 15, hackers took over about 130 high-profile accounts, including those of former president Barack Obama, Democratic presidential candidate Joe Biden and Tesla CEO Elon Musk. Hackers then tweeted a fake bitcoin deal from some of those accounts, reaping more than 400 bitcoin transfers worth in excess of $100,000, the Hillsborough state attorney’s office said.
Graham Ivan Clark, 17, of Tampa was arrested “without incident” at his apartment Friday morning by FBI and Internal Revenue Service agents, Hillsborough State Attorney Andrew Warren said during a news conference. He faces 30 felony counts.
“I guess I was surprised that it was someone so young,” Warren said of Clark, whom he called the hack’s mastermind, “but at the same time, we see a lot of people who are extremely sophisticated and savvy with computers at a young age.”
The FBI and the U.S. Department of Justice will coordinate with the state attorney’s office in prosecuting Clark in Florida.
Clark makes his first court appearance Saturday morning facing one count of organized fraud, one count of accessing a computer or electronic device without authority, one count of fraudulent use of personal information, 10 counts of fraudulent use of personal information, and 17 counts of communications fraud.
Also charged were Nima Fazeli, 22, of Orlando, and Mason Sheppard, 19, of Bognor Regis, England, according to a release from the U.S. attorney’s office for the Northern District of California.
In a Friday tweet, Twitter’s communications team expressed appreciation for the “swift actions of law enforcement.”
The cyberattack that took down big parts of Twitter’s site involved manipulating employees over a rather old-school method: the phone.
The hackers were able to access some internal tools from the initial targeted employees and then learned specifically who had access to account support controls and targeted them next.
It took Twitter hours to regain control of the site, and the company had to temporarily lock all verified accounts. Others lost control of their accounts completely if they tried to change their passwords. It took Twitter days to fully restore access to those accounts.
Twitter previously said hackers gained access to 130 accounts and tweeted from 45 of them. CEO Jack Dorsey apologized for the hack last week during a company earnings call, saying Twitter “fell behind” in some security restrictions. Twitter said that employee access to internal account management tools is “strictly limited” and that it would now be looking at making its processes “even more sophisticated.”