No Name, Florida teen arrested as mastermind of Twitter hack

[Image]( EMAIL}/redirect Posted on Saturday, August 1st, 2020 By David Fischer And Frank Bajak, Associated Press MIAMI (AP) — A Florida teen was identified Friday as the mastermind of a scheme earlier this month that commandeered Twitter accounts of prominent politicians, celebrities and technology moguls and scammed people around the globe out of more than $100,000 in Bitcoin. Two other men were also charged in the case. Graham Ivan Clark, 17, was arrested Friday in Tampa, where the Hillsborough State Attorney’s Office will prosecute him as an adult. He faces 30 felony charges, according to a news release. Two men accused of benefiting from the hack — Mason Sheppard, 19, of Bognor Regis, U.K., and Nima Fazeli, 22, of Orlando — were charged separately in California federal court. In one of the most high-profile security breaches in recent years, bogus tweets were sent out on July 15 from the accounts of Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked. The tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address. The hack alarmed security experts because of the grave potential of such an intrusion for creating geopolitical mayhem with disinformation. Court papers in the California cases say Fazeli and Sheppard brokered the sale of Twitter accounts stolen by a hacker who identified himself as “Kirk” and said he could “reset, swap and control any Twitter account at will” in exchange for cybercurrency payments, claiming to be a Twitter employee. The documents do not specify Kirk's real identity but say he is a teen being prosecuted in the Tampa area. Twitter has said the hacker gained access to a company dashboard that manages accounts by using social engineering and spear-phishing smartphones to obtain credentials from “a small number” of Twitter employees "to gain access to our internal systems.” Spear-phishing uses email or other messaging to deceive people into sharing access credentials. EMAIL}/redirect EMAIL}/redirect “There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” U.S. Attorney David L. Anderson for the Northern District of California said in a news release. The evidence suggests, however, that those responsible did a poor job indeed of covering their tracks. The court documents released Friday show how federal agents tracked down the hackers through Bitcoin transactions and by obtaining records of their online chats. Although the case was investigated by the FBI and the U.S. Department of Justice, Hillsborough State Attorney Andrew Warren said his office is prosecuting Clark in state court because Florida law allows minors to be charged as adults in financial fraud cases when appropriate. He called Clark the leader of the hacking scam. “This defendant lives here in Tampa, he committed the crime here, and he’ll be prosecuted here,” Warren said. Security experts were not surprised that the alleged mastermind is a 17-year-old, given the relatively amateurish nature of both the operation and how participants discussed it with New York Times reporters afterward. EMAIL}/redirect EMAIL}/redirect “This is a great case study showing how technology democratizes the ability to commit serious criminal acts,” said Jake Williams, founder of the cybersecurity firm Rendition Infosec. “There wasn’t a ton of development that went into this attack.” Williams said the hackers were “extremely sloppy” in how they moved the Bitcoin around. It did not appear they used any services that make cryptocurrency difficult to trace by “tumbling” transactions of multiple users, a technique akin to money laundering, he said. He also said he was conflicted about whether Clark should be charged as an adult. “He definitely deserves to pay (for jumping on the opportunity) but potentially serving decades in prison doesn’t seem like justice in this case,” Williams said. The hack targeted 130 accounts with tweets being sent from 45 accounts, obtained access to the direct message inboxes of 36, and downloaded Twitter data from seven. Dutch anti-Islam lawmaker Geert Wilders has said his inbox was among those accessed. Court papers suggest Fazeli and Sheppard got involved in the scheme after Clark dangled the possibility of obtaining so-called OG Twitter handles, short account names that due to their brevity are highly prized and considered status symbols in a certain milieu. They said Sheppard purchased @anxious and Faceli wanted @foreign. Internal Revenue Service investigators in Washington, D.C., identified two of the defendants by analyzing Bitcoin transactions on the blockchain — the universal ledger that records Bitcoin transactions — that they had sought to make anonymous, federal prosecutors said. Marcus Hutchins, the 26-year-old British cybersecurity expert credited with helping stop the WannaCry computer virus in 2017, said the skillset involved in the actual hack was nothing special. “I think people underestimate the level of experience needed to pull off these kinds of hacks. They may sound extremely sophisticated, but the techniques can be replicated by teens,” added Hutchins, who pleaded guilty last year to creating malware designed to steal banking information and just completed a year's supervised release. British cybersecurity analyst Graham Cluley said his guess was that the targeted Twitter employees got a message to call what they thought was an authorized help desk and were persuaded by the hacker to provide their credentials. It’s also possible the hackers got a call from the company’s legitimate help line by spoofing the number, he said. Fazeli’s father said Friday he hasn’t been able to talk to his son since Thursday. “I’m 100% sure my son is innocent,” Mohamad Fazeli said. “He’s a very good person, very honest, very smart and loyal.” “We are as shocked as everybody else,” he said by phone. “I’m sure this is a mix up.” Attempts to reach relatives of the other two weren't immediately successful. Hillsborough County court records didn't list an attorney for Clark, and federal court records didn't list attorneys for Sheppard or Fazeli. ___ This story has been corrected to show that participants in the operation, not the hacker identified as ‘Kirk,’ discussed it with The New York Times. ___ Bajak reported from Boston. Associated Press Writers Kelvin Chan in London, Matt O’Brien in Providence, Rhode Island, contributed to this report. EMAIL}/redirect EMAIL}/redirect To get Exclusive Offers make sure you grab your cellphone (which you are probably doing right now) and join our VIP text messaging list (standard text and messaging rates may apply)to make it even easier, if you are on your cell phone now click this Button Below: [SIGN ME UP NOW]( © 2020 PTE.la PTE, LLC (publisher of PTE.la) is NOT registered as an investment adviser nor a broker/dealer with either the U. S. Securities & Exchange Commission or any state securities regulatory authority. Users of this website are advised that all information presented on this website is solely for informational purposes, is not intended to be used as a personalized investment recommendation, and is not attuned to any specific portfolio or to any user's particular investment needs or objectives. Past performance is NOT indicative of future results. Furthermore, such information is not to be construed as an offer to sell or the solicitation of an offer to buy, nor is it to be construed as a recommendation to buy, hold or sell (short or otherwise) any security. All users of this website must determine for themselves what specific investments to make or not make and are urged to consult with their own independent financial advisors with respect to any investment decision. The reader bears responsibility for his/her own investment research and decisions, should seek the advice of a qualified securities professional before making any investment, and investigate and fully understand any and all risks before investing. All opinions, analyses and information included on this website are based on sources believed to be reliable and written in good faith, but should be independently verified, and no representation or warranty of any kind, express or implied, is made, including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. In addition, we undertake no responsibility to notify such opinions, analyses or information or to keep such opinions, analyses or information current. Also be aware that owners, employees and writers of and for PTE, LLC may have long or short positions in securities that may be discussed on this website or newsletter. Past results are not indicative of future profits. This table is accurate, though not every trade is represented. Profits and losses reported are simulated figures from virtual simulated portfolios. We are engaged in the business of advertising and promoting companies for monetary compensation. All content in our releases is for informational purposes only and should not be construed as an offer or solicitation of an offer to buy or sell securities. Neither the information presented nor any statement or expression of opinion, or any other matter herein, directly or indirectly constitutes a solicitation of the purchase or sale of any securities. PTE.la’s sponsored advertisements do not purport to provide an analysis of any company’s financial position, operations or prospects and this is not to be construed as are commendation by PTE.la or an offer or solicitation to buy or sell any security. Neither the owner of PTE.la nor any of its members, officers, directors, contractors or employees is licensed broker-dealers, account representatives, market makers, investment bankers, investment advisors, analyst or underwriters. Investing in securities, including the securities of those companies profiled or discussed on this website is for individuals tolerant of high risks. Viewers should always consult with alicensed securities professional before purchasing or selling any securities of companies profiled or discussed in our releases. It is possible that a viewer’s entire investment may be lost or impaired due to the speculative nature of the companies profiled. Remember, never invest in any security of a company profiled or discussed in a release or on our website unless you can afford to lose your entire investment. Also, investing in micro-cap securities is highly speculative and carries an extremely high degree of risk. To review our complete disclaimer and additional information, please visit . PTE.la makes no recommendation that the securities of the companies profiled or discussed in our releases or on our website should be purchased, sold or held by investors. PTE.la is owned and operated by PTE LLC. PTE LLC has not been compensated for this specific email, we do have advertisements in this email that we get paid if you click one of the ads (we have not investigated any of the advertisements). Any compensation received by PTE LLC constitutes a conflict of interest as to our ability to remain objective in our communication regarding the profiled company. A third party of PTE LLC may have shares and may liquidate, which may negatively affect the stock price. PTE LLC affiliates may at any time have a position in the securities mentioned herein and may increase or decrease such positions without notice which will negatively affect the market. Some of the content in this release contains forward - looking information within the meaning of Section 27 A of the Securities Act of 1 9 9 3 and Section 21 E of the Securities Exchange Act of 1 9 3 4 including statements regarding expected continual growth of the profiled company and the value of its securities. In accordance with the safe harbor provisions of the Private Securities Litigation Reform Act of 1995 it is hereby noted that statements contained herein that look forward in time which include everything other than historical information, involve risk and uncertainties that may affect a company's actual results of operation. A company's actual performance could greatly differ from those described in any forward - looking statements or announcements mentioned in this release. Factors that should be considered that could cause actual results to differ include: the size and growth of the market for the company's products; the company's ability to fund its capital requirements in the near term and in the long term; pricing pressures; unforeseen and/or unexpected circumstances in happenings; etc. and the risk factors and other factors set forth in the company’s filings with the Securities and Exchange Commission. However, acompany’s past performance does not guarantee future results. Generally, the information regarding a company profiled is provided from public sources which we believe to be reliable but is not guaranteed by us as being accurate. Further specific financial information, filings and disclosures as well as general investor information about the profiled company, advice to investors and other investor resources are available at the Securities and Exchange Commission (“SEC”) website www.sec.gov and the Financial Industry Regulatory Authority (“FINRA”) website at www.finra.org. Any investment should be made only after consulting with a qualified investment advisor and reviewing the publicly available financial statement and other information about the company profiled and verifying that the investment is appropriate and suitable. PTE.la makes no representations, warranties or guarantees as to the accuracy or completeness of the information provided or discussed. Viewers should not rely solely on the information obtained in this release or on our website. PTE Team 9 Downing street Newark NJ 07105 USA [Unsubscribe]( | [Change Subscriber Options](