The FBI was able to track down three hackers who caused the biggest Twitter breach in history because they were ‘extremely sloppy’ in the way they moved their Bitcoin.
Graham Ivan Clark, 17, of Tampa, Florida; Nima Fazeli, 22, from Orlando, Florida; and Mason Sheppard, 19, of Bognor Regis, UK, are all charged with the hack that took place on July 15.
On that date, the men conspired to hijack Twitter accounts of famous figures and companies – including Barack Obama, Kanye West, and Uber – before posting tweets asking for donations to a Bitcoin wallet.
“I give back to my community because of Covid-19. All Bitcoin sent to my address below will be returned twice. If you send $1,000, I’ll send you $2,000 back,” the fake tweets read.
Authorities say the hackers made over $100,000 worth of Bitcoin through the illegal scheme.
But the young people were easily tracked once the FBI started its investigation.
Graham Ivan Clark, 17, of Tampa, Florida, is believed to be the mastermind of the July 15 Twitter hack.
Former US President Barack Obama, the most followed account on Twitter, was among the high-profile targets used to carry out the Bitcoin scam.
Authorities were able to obtain data on the Bitcoin addresses involved in the hack by analyzing the blockchain – a ledger that records cryptocurrency transactions.
They then traced the addresses to Coinbase – a digital currency exchange where Bitcoin is stored.
Both Fazeli and Sheppard had their Coinbase accounts registered and verified with their real driver’s licenses, the company told ZDNet.
Fazeli also used his home IP address, which meant investigators could easily find his location.
In addition, the alleged hackers made no attempt to move the Bitcoin funds they received in order to throw detectives off the trail. Such an act is known as ‘tumbling’ and is the digital equivalent of money laundering.
Cyber security expert Jake Williams told The Associated Press that their efforts were “sloppy.”
“This is a great case study that shows how technology democratizes the ability to commit serious crimes,” said Williams.
“There wasn’t much development going into this attack.”
Fellow security expert Marcus Hutchins agreed.
“I think people underestimate the level of experience required to run these kinds of hacks. They may sound extremely sophisticated, but the techniques can be replicated by teenagers,” he explained.
Court documents suggest that Fazeli and Sheppard only got involved in the scheme in a hacking chat room after Clark took advantage of the opportunity to take over Twitter handles with short names like @anxious and @foreign.
From there, the scam seems to have evolved into the full hijacking of high-profile accounts.
Investigators claim that Clark, who only recently finished high school in Florida, was the mastermind of the entire episode.
Twitter has officially stated that the hacker – alleged to be Clark – gained access on July 15 to a corporate dashboard that manages accounts.
He did this by using social engineering and smartphone spear phishing to obtain the credentials of ‘a small number’ of Twitter employees and break into the internal systems.
From there, the hackers targeted 130 accounts. They managed to post their fake tweet from 45 of those accounts.
They also accessed the inboxes of 36 others and downloaded the Twitter data of seven separate accounts.
Dutch anti-Islam MP Geert Wilders said that his inbox was among those accessed.
All three alleged hackers are being tried separately.
Twitter said that the hackers “manipulated” some of its employees to gain access to accounts.
According to Blockchain.com, which monitors crypto transactions, more than $100,000 in virtual currency was sent to email addresses mentioned in the tweets.
“We know they had access to tools that were only available to our internal support teams to target 130 Twitter accounts,” said a statement on Twitter’s blog.
For 45 of those accounts, the hackers were able to reset passwords, log in and send tweets, it added, and they downloaded the personal data of up to eight unauthenticated users.
Twitter has locked the affected accounts and removed the fraudulent tweets. It also shut down accounts that were not affected by the hack as a precaution.