I was a teenage Twitter hacker. Graham Ivan Clark receives 3-year sentence

A Florida teenager accused of orchestrating one of last year’s widely publicized Twitter hacks, which used celebrity accounts to earn more than $100,000 in a cryptocurrency scheme, pleaded guilty on Tuesday in exchange for a three-year sentence.

Authorities said Graham Ivan Clark, now 18, and two other men used social engineering and other techniques to gain access to Twitter’s internal systems. They then allegedly used their control to take over what Twitter said were 130 accounts. A small sample of account holders included then Vice President Joe Biden, Tesla founder Elon Musk, pop star Kanye West, and Bill Gates, the philanthropist and Microsoft founder, former CEO and president.

Time to fulfill

Prosecutors claimed the defendants caused high-profile accounts, many with millions of followers, to promote a fraud that promised to double returns if people deposited bitcoins in wallets controlled by the attacker. The scheme generated more than $117,000. The hackers also took over accounts with short usernames that are highly coveted in a circle of criminal hacker forums that calls itself OGusers.

According to the Tampa Bay Times, Clark agreed to plead guilty in exchange for a three-year prison sentence followed by three years of probation. The deal allows Clark to be convicted as a “juvenile offender”, a status that lets him avoid the minimum sentence of 10 years that he would have received had he been convicted as an adult.

Clark will serve time in a state prison designated for young adults and may be eligible to serve part of his time at a military training camp. He will also receive the mandatory minimum if he violates the terms of his probation.

The plea bargain prohibits Clark from using computers without the permission and supervision of law enforcement officials. He will have to submit to searches of his property and provide passwords for all accounts he controls.

Meticulous research

A researcher who worked with the FBI in investigating the Twitter breach said the hack was the result of meticulous research that Clark and the other two hackers did on Twitter employees. They started by scouring LinkedIn for Twitter employees who would likely have access to account holder tools. The hackers then used resources that LinkedIn makes available to recruiters to obtain employees’ cell phone numbers and other private contact information.

The attackers called employees and used the information obtained from LinkedIn and other public sources to convince them that the callers were authorized Twitter employees. Work-from-home arrangements caused by the COVID-19 pandemic also prevented employees from using normal procedures, such as in-person contact, to verify the identity of callers.

“Giving back to the community”

With the trust of the targeted employees, the attackers directed them to a phishing page that mimicked an internal Twitter VPN. The attackers then obtained credentials as the targeted employees entered them. To circumvent Twitter’s two-factor authentication protections, the attackers entered the credentials on the actual Twitter VPN portal within seconds after employees entered their information on the fake portal. As soon as the employee entered the one-time password, the attackers were in.
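The weakness described above, seen from the verifying server's side, as an added example that is not part of the original article: a one-time password carries no record of the page it was typed into, while a second factor bound to the page origin is rejected when it was produced for a look-alike site. The origins, keys and timestamp are constructed placeholders, and HMAC stands in for the public-key signature a real hardware authenticator would produce.

```python
import hashlib, hmac, json, struct

REAL_ORIGIN = "https://vpn.corp.example"            # constructed placeholder
LOOKALIKE_ORIGIN = "https://vpn-corp.example.net"   # constructed placeholder

def totp(secret: bytes, t: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time t."""
    mac = hmac.new(secret, struct.pack(">Q", t // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, code: str, now: int) -> bool:
    # The server receives six digits and nothing about the page that collected them.
    return any(hmac.compare_digest(totp(secret, now + d * 30), code) for d in (-1, 0, 1))

def sign_assertion(key: bytes, challenge: bytes, origin: str):
    # The browser, not the user, records the origin of the page requesting the login.
    # Assumption: HMAC replaces the authenticator's public-key signature for brevity.
    client_data = json.dumps({"challenge": challenge.hex(), "origin": origin}).encode()
    return client_data, hmac.new(key, client_data, hashlib.sha256).digest()

def verify_assertion(key, challenge, client_data, sig, expected_origin=REAL_ORIGIN) -> bool:
    good_sig = hmac.compare_digest(hmac.new(key, client_data, hashlib.sha256).digest(), sig)
    data = json.loads(client_data)
    return good_sig and data["challenge"] == challenge.hex() and data["origin"] == expected_origin

def compare_second_factors() -> dict:
    secret, key, challenge = b"constructed-totp-seed", b"constructed-device-key", b"\x01" * 16
    t = 1_600_000_000  # constructed timestamp
    code = totp(secret, t)  # the code the employee reads off their device
    return {
        # The same code reaches the real portal 5 s later, whatever page collected it.
        "otp_collected_elsewhere": verify_totp(secret, code, t + 5),
        "bound_at_real_origin": verify_assertion(
            key, challenge, *sign_assertion(key, challenge, REAL_ORIGIN)),
        "bound_at_lookalike": verify_assertion(
            key, challenge, *sign_assertion(key, challenge, LOOKALIKE_ORIGIN)),
    }

if __name__ == "__main__":
    print(compare_second_factors())
```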

The hackers then took over celebrity accounts and used them to promote a cryptocurrency scheme.

“I’m giving back to the community,” tweeted an account belonging to President Joe Biden. “All Bitcoins sent to the address below will be returned in double! If you send $1,000, I will return $2,000. Just doing this for 30 minutes … Enjoy!”

Similar tweets came from other celebrity accounts.

Clark appeared in court by videoconference on Tuesday from Hillsborough County Prison, where he has been held since his arrest. Mason Sheppard, 19, and Nima Fazeli, 22, face federal charges for their alleged roles in the intrusion into Twitter and the cryptocurrency scheme.
