Three of the alleged perpetrators behind the July 16 Twitter hack have now been identified and charged, prosecutors say. Of the three identified by a federal investigative agency and an investigation by the Department of Justice, one – the alleged pioneer of the attack – was arrested.
In case you need a quick refresher, someone took control of several well-known Twitter accounts on July 16 and tweeted a Bitcoin wallet address. He promises to give double the amount to anyone who has sent money to the account. Of course that didn̵
We welcome the speedy action by law enforcement officers in this investigation and will continue to work together as the case progresses. For our part, we focus on being transparent and regularly providing updates.
You can find the latest information here 👇 https://t.co/kHty8TXaly
– Twitter Comms (@TwitterComms) July 31, 2020
Overall, the Twitter hack was attributed to three people: Mason Sheppard, a 19-year-old in the UK; Nima Fazeli, 22 years old in Orlando; and a 17 year old in Florida, whose name we will not use due to his age. The 17-year-old is described by the prosecutor as the main initiator of this attack. He was arrested today at his home in Tampa, Florida. Fazeli and Sheppard are separately charged by the United States Attorney General in the northern district of California.
The 17-year-old is specifically charged with 30 crimes, including various types of fraud. Not only did he cheat everyone for money – he allegedly raised nearly $ 120,000 from the hack – but he also apparently sold access to some accounts. According to officials from the state of Florida, he is charged as an adult. According to the New York Times, Fazeli and Sheppard acted as brokers of the stolen accounts.
Twitter later revealed that the hack was carried out via “social engineering” and a so-called telephone spear phishing attack. In essence, they targeted employees by pretending to be trustworthy employees and had access to their accounts. As Twitter puts it: “…The attackers used their credentials to access our internal systems and get information about our processes. This knowledge then allowed them to contact additional employees who had access to our account support tools. “
Hillsborough County Prosecutor Andrew Warren said the people who sent money were the real victims: “It is always wrong to defraud people of their hard-earned money. Whether you are taking advantage of someone in person or on the internet, trying to steal their money or cryptocurrency – it is fraud, it is illegal and you will not get away with it. “
Phew, hey you!
Would you like to receive the funniest daily tech newsletter in your inbox for FREE every day? Of course: Sign up for Big Spam here.