Alleged second teen mastermind behind Twitter’s 'Bitcoin giveaway' hack

Published at: Sept. 1, 2020

The Federal Bureau of Investigation executed a search warrant against a 16-year-old Massachusetts resident in connection with the massive Twitter breach.

According to a New York Times report, on Sept. 1, authorities raided the home of a 16-year-old boy who may have played an “equal, if not more significant role” in the infamous July 15 hack, which resulted in millions of followers of high-profile Twitter accounts being falsely offered 2-for-1 “giveaways“ for any Bitcoin (BTC) sent.

The investigation revealed that he may have posed as a Twitter employee or contractor to fool legitimate ones into entering their login credentials to fake websites where he could then capture them.

The report stated that the teenager coordinated the Twitter attack, starting in May with 17-year-old Graham Ivan Clark, the alleged mastermind. While Clark was discovered through his Discord chat records, the unnamed teenager reportedly used encrypted messaging systems like Signal and Wire, making it harder for investigators to identify him.

The unnamed individual could be the fourth charged following an investigation by the FBI, the Internal Revenue Service, the U.S. Secret Service and local authorities. Clark was arrested on July 31 on 30 felony charges. In addition, 19-year-old U.K. resident Mason John Sheppard and 22-year-old Florida resident Nima Fazeli have also been charged by federal prosecutors.

On Aug. 4, Clark pleaded not guilty to 17 counts of communications fraud, 11 counts of illegal use of personal information, one count of organized fraud over $5,000 and one count of illegally accessing a computer or electronic device. He is currently in jail awaiting trial. His bail is set at $725,000.

The FBI has not yet pressed any charges for the youth for his alleged involvement in the incident, which resulted in Twitter users sending 12 BTC — roughly $144,000 as of this writing — to different addresses posted during the attack.

Tags
Regulation
Cybercrime
Cybersecurity
Related Posts
How will DOJ’s new crypto enforcement team change the game for industry players, good and bad?
On Oct. 6, the United States Department of Justice, or DOJ, announced the creation of a specialized unit, the National Cryptocurrency Enforcement Team, or NCET, tasked with prosecuting criminal misuses of digital assets and crypto infrastructure, as well as tracing and recovering the ill-gotten cryptocurrency. The move continues the U.S. authorities’ push to disrupt the corners of the crypto ecosystem that are thought to facilitate illicit activity, such as ransomware attacks. What does the government’s crypto enforcement ramp-up hold for the larger digital asset space? Pooling crypto expertise The new unit will operate according to the principles articulated almost exactly …
Regulation / Oct. 15, 2021
Aussie cyber spies to control critical infrastructure during ransomware attacks
Australia’s top cyber spies are set to gain greater powers in the event of ransomware or other cyber attacks on critical infrastructure. The Australian Signals Directorate (ASD), a government agency in charge of cyber warfare and information security, would be able to take over control of critical infrastructure — including energy, communications and banking systems — under new legislation introduced into Parliament. The legislation even includes health care and grocery businesses under the definition of critical infrastructure and imposes new positive security obligations. For ASD operatives to provide assistance, operators from the affected infrastructure would have to report a serious …
Adoption / Oct. 20, 2021
Breach at Indian exchange BuyUCoin allegedly exposes 325K users’ personal data
Users of Indian crypto exchange BuyUCoin have reportedly been affected by a breach compromising personal data of more than 325,000 people. According to a report from Indian news outlet Inc42, a hacking group by the name of ShinyHunters leaked a database containing the names, phone numbers, email addresses, tax identification numbers and bank account details of more than 325,000 BuyUCoin users. However, a later report from Bleeping Computer shows the leaked data may only contain information from 161,487 BuyUCoin members. Cybersecurity researcher Rajshekhar Rajaharia posted screenshots of the leaked data — recorded until September 2020 — to Twitter last week, …
Regulation / Jan. 24, 2021
NCFTA onboards crypto exchange Binance to fight against cybercrime
The National Cyber-Forensics and Training Alliance (NCFTA), an American non-profit, onboarded its first crypto firm Binance to aid their ongoing battle against cybercrimes. Founded in 2002, the NCFTA partners with law enforcement and various business and academic entities to source threat intelligence to identify and mitigate cybercrime threats. By partnering with Binance, the world’s biggest crypto exchange in terms of trading volume, the NCFTA aims to tackle international cybersecurity investigations. According to Binance’s VP of Global Intelligence and Investigations, Tigran Gambaryan, the exchange aims to be the leading contributor in the fight against cybercrime, ransomware, and terrorism financing: “Joining the …
Blockchain / Jan. 18, 2022
Chainalysis exec touts blockchain analysis to Senate homeland security committee
The collection and processing of information was a major theme at the United States Senate Committee on Homeland Security and Governmental Affairs (HSGAC) hearing titled, “Rising Threats: Ransomware Attacks and Ransom Payments Enabled by Cryptocurrency” on Tuesday. The committee hosted a panel of private-sector experts who discussed the problem of ransomware attacks and the challenges of collecting and using the information necessary to fight them. Committee chair Gary Peters of Michigan, who introduced the Strengthening American Cybersecurity Act in February, said the government lacks sufficient data even to understand the scope of the threat posed by ransomware attacks. Attackers almost …
Regulation / June 7, 2022