This morning, the FBI, the IRS, the US Secret Service and Florida law enforcement arrested a 17-year-old in Tampa, Florida, accusing him of being the ‘mastermind’ behind Twitter’s biggest security and privacy breach, one that took over the accounts of President Barack Obama, Democratic presidential candidate Joe Biden, Bill Gates, Elon Musk, Kanye, Apple and more to commit a massive bitcoin scam on July 15.
But apparently he was not alone. Shortly after the Tampa arrest was revealed and after we published this story, two more individuals were formally charged by the United States Department of Justice: 22-year-old Nima Fazeli in Orlando and 19-year-old Mason Sheppard in the UK. They go by the hacker aliases “Rolex” and “Chaewon” respectively, according to the DOJ.
According to federal agents, Sheppard had used a personal driver’s license to authenticate himself on the Binance and Coinbase cryptocurrency exchanges, and his accounts were found to have sent and received some of the defrauded Bitcoins. Fazeli also used a driver’s license to verify himself with Coinbase, where accounts managed by “Rolex” reportedly received payments in exchange for stolen Twitter usernames.
Fazeli faces 5 years of imprisonment and a fine of $250,000 for one count of computer burglary. Sheppard has been charged with computer intrusion, wire fraud conspiracy and money laundering conspiracy, the most serious of which carries a 20-year prison sentence and a $250,000 fine in the US.
But intriguingly, both Sheppard and Fazeli may have been just intermediaries in the scam – “an unknown person” with the handle “Kirk#5270” is believed to be the one who got access to Twitter’s internal systems. It’s not clear whether the Tampa teen is Kirk#5270, although it sounds like that’s possible. Sheppard’s complaint dates from July 22, and the Tampa teenager was not arrested until this morning. Originally, “Kirk” claimed to be a Twitter contributor, according to a Discord chat log:
Regardless, the 17-year-old Tampa teenager is currently in prison and charged with more than 30 crimes, including organized fraud, communication fraud, identity theft, and hacking, according to Hillsborough state attorney Andrew Warren, who described the arrest in a press conference. Local NBC affiliate WFLA alerted us to that news.
Initially, it was not clear whether the 17-year-old was the only suspect in the case. “I can’t say if he worked alone,” said Warren, the Florida prosecutor. Authorities arrested him at his apartment, where he lives alone.
He is being prosecuted as an adult – “This was no ordinary 17-year-old,” said the prosecutor – and the news conference made it clear that law enforcement officers are weighing the bad consequences the hack could have had, beyond the more than $100,000 in bitcoin the teenager allegedly scammed from unsuspecting Twitter users.
“This could have been a huge, huge amount of money stolen from people, it could have destabilized the financial markets in America and around the world; because he had access to the Twitter accounts of powerful politicians, he could have undermined politics as well as international diplomacy,” said Warren.
“This is not a game … these are serious crimes with serious consequences, and if you think you can get people online and get away with it, you are faced with a rude awakening, a rude awakening that comes in the form of a knock at 6 in the morning from federal agents,” he added later.
The teenager was “taken into custody without incident,” and his first court appearance may be tomorrow morning, Warren said. He is being prosecuted in Florida so that he can be charged as an adult, suggesting there may not be federal charges against him at the moment.
Twitter provided the following tweet as an explanation:
We appreciate the rapid action of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we aim to be transparent and provide regular updates.
Click here for the latest news https://t.co/kHty8TXaly
– Twitter Comms (@TwitterComms) July 31, 2020
Yesterday, Twitter made its first attempt to explain how attackers managed to breach security and access the company’s own internal tools, which they used to take over some of the most high-profile accounts on the service. The company said several Twitter employees were the target of a “spear phishing attack over the phone,” which presumably means that hackers called Twitter workers while posing as colleagues or members of Twitter’s own security team, and prompted them to reveal their credentials.
In addition to defrauding users of Bitcoin, the attackers accessed the private direct messages of 36 Twitter users, including an elected official, and may have downloaded even larger caches of data for 7 other users. However, Twitter claims that no verified users had their private messages or data caches compromised, suggesting the DMs of Biden, Obama and others may have been safe. President Trump’s Twitter account has had extra protection for a long time, which could explain why it wasn’t hacked.
Here’s the entire Hillsborough State Attorney’s Office press release with additional information about the arrest, as well as the DOJ complaints against the other two people. We are currently withholding the 17-year-old’s name and are redacting mentions of it from the press release, something the DOJ has also done.
Hillsborough prosecution tapped to prosecute global “Bit-Con” hack of prominent Twitter users
Tampa, FL (July 31, 2020) – Hillsborough state attorney Andrew Warren has filed 30 charges against a Tampa resident for defrauding people across America, using the “Bit-Con” hack of prominent Twitter accounts, including Bill Gates, Barack Obama, and Elon Musk on July 15, 2020.
The Federal Bureau of Investigation and the United States Department of Justice conducted a complex nationwide investigation in which the suspect was located and arrested in Hillsborough County.
“These crimes were committed with the names of famous people and celebrities, but they are not the main victims here. This ‘Bit-Con’ is designed to steal money from ordinary Americans from all over the country, including here in Florida. This massive fraud has been orchestrated here in our backyard, and we won’t stand for that,” said prosecutor Warren.
The investigation found that REDACTED, 17, was the brain of Twitter’s recent hack. He was arrested in Tampa early on July 31. REDACTED’s plan to commit fraud stole the identities of prominent people, posted messages in their name ordering victims to send Bitcoin to accounts associated with REDACTED, and garnered more than $100,000 worth of Bitcoin in just one day. As a cryptocurrency, Bitcoin is difficult to track and recover if stolen in a scam.
“I would like to congratulate our federal law enforcement partners – the U.S. Northern District law firm, the FBI, the IRS, and the Secret Service – as well as the Florida Department of Law police. They worked quickly to investigate and identify the culprit of a sophisticated and comprehensive fraud,” said prosecutor Warren.
“This defendant lives here in Tampa, he committed the crime here and he will be prosecuted here,” added Warren. The Hillsborough State Attorney’s Office sues REDACTED because Florida law allows minors to be charged as adults in financial fraud cases such as this, if any. The FBI and the Department of Justice will continue to work with the agency throughout the prosecution.
The specific charges REDACTED faces are:
ORGANIZED FRAUD (OVER $50,000) – 1 count
COMMUNICATION FRAUD (MORE THAN $300) – 17 counts
FRAUDULENT USE OF PERSONAL INFORMATION (MORE THAN $100,000 OR 30 OR MORE VICTIMS) – 1 count
FRAUDULENT USE OF PERSONAL INFORMATION – 10 counts
ACCESS COMPUTER OR ELECTRONIC DEVICE WITHOUT AUTHORITY (DEFRAUD SCHEME) – 1 count
“Working together, we will hold this defendant responsible,” said Warren. “It’s always wrong to defraud people with their hard-earned money. Whether you’re taking advantage of someone trying to steal their money or their cryptocurrency personally or over the internet – it’s fraud, it’s illegal, and you can’t get away with it.”