Three Suspects Charged With Orchestrating Massive Twitter Hack, But Legislators Are Still Concerned
Two weeks ago, prominent Twitter accounts, including those of leading crypto exchanges and political figures including Joe Biden and Elon Musk, were hacked in an elaborate scheme to advertise a Bitcoin scam.
On Friday, July 31, three suspects were arrested for orchestrating the hack: 17-year-old Graham Clark in Florida, 19-year-old Mason Sheppard in the United Kingdom and 22-year-old Nima Fazeli, also in Florida, as reported by local outlet WFLA.
Before the arrests were announced, blockchain analytics firm Elliptic reported that over 50% of the $121,000 worth of Bitcoin collected from the scam was sent to mixing services, which are designed to obscure the blockchain transaction trail, in an effort by the scammers to hide the illicit origins of their funds. The primary services used by the criminals were ChipMixer and Wasabi Wallet. Elliptic also reported that the scammers were able to cash out 2.3% of their stolen funds.
However, on Friday the three suspects were charged with an array of crimes, including conspiracy to commit wire fraud, conspiracy to commit money laundering and intentional access of a protected computer.
“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” U.S. Attorney David L. Anderson for the Northern District of California said in a recent announcement. “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived.”
Hillsborough State Attorney Andrew Warren — who charged Clark — states that more than $100,000 worth of Bitcoin was stolen over the course of the day, as reported by local outlet WFLA. He said that Clark will be prosecuted by his office in Florida because that is where the boy lives and where the crime was committed.
Twitter released a statement shortly after the arrests thanking law enforcement for their swift investigation. The platform also updated its blog post on the incident, writing that the attack targeted employees through a phone spear phishing attack, meaning the attackers posed as trusted individuals to gain access to Twitter employees’ passwords.
“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” the post read.
The attackers’ plan required them to gain access to Twitter’s internal network and employee credentials, which allowed them to post from verified accounts. The attackers managed to access 170 Twitter accounts, publish tweets from 45, access the DM inbox of 36 and download the Twitter data of 7.
The data Twitter stores from its accounts includes when and where a user tweeted from, what device they tweeted on, advertising topics the user is interested in, applications downloaded to the user’s device and every tweet ever tweeted by their account.
The cyber attack raised red flags about the number of Twitter employees who have access to users’ private account information and the ability to modify their security settings, a problem Twitter has long been aware of and one that was even included in a report filed back in 2015 with the Securities and Exchange Commission. Over 1,000 employees had access to this personal account information, two former Twitter employees told Reuters.
The hack also raised broader security concerns, as social media platforms including Twitter and Facebook have become important stages for political debate and are crucially important during election seasons.
Lawmakers have expressed concern that the hack could have been used to circulate misinformation from verified accounts on election days, for example by stating that voting centers were shut. There is also concern that applications like Twitter are vulnerable to interference similar to what was seen on Facebook during the 2016 elections.
Twitter has repeatedly stated that the company and its employees are committed to protecting users’ data, but the incident raises the possibility of increased regulation and security requirements for similar companies.
By Emily Mason