X

Tampa teen charged over massive Twitter hack

The accounts of dozens of politicians, celebrities and businesses were hijacked to peddle a bitcoin scam.

Carrie Mihalcik Former Managing Editor / News
Carrie was a managing editor at CNET focused on breaking and trending news. She'd been reporting and editing for more than a decade, including at the National Journal and Current TV.
Expertise Breaking News, Technology Credentials
  • Carrie has lived on both coasts and can definitively say that Chesapeake Bay blue crabs are the best.
Queenie Wong Former Senior Writer
Queenie Wong was a senior writer for CNET News, focusing on social media companies including Facebook's parent company Meta, Twitter and TikTok. Before joining CNET, she worked for The Mercury News in San Jose and the Statesman Journal in Salem, Oregon. A native of Southern California, she took her first journalism class in middle school.
Expertise I've been writing about social media since 2015 but have previously covered politics, crime and education. I also have a degree in studio art. Credentials
  • 2022 Eddie award for consumer analysis
Carrie Mihalcik
Queenie Wong
3 min read
twitter-logo-phone-9811
Angela Lang/CNET

A Florida teenager is accused of being the "mastermind" behind a massive Twitter hack earlier this month that hijacked the accounts of dozens of high-profile politicians, celebrities and businesses to peddle a bitcoin scam. Hillsborough State Attorney Andrew Warren filed 30 felony charges against 17-year-old Graham Ivan Clark, who was arrested Friday.

The US Department of Justice also filed charges against two other people, 19-year-old UK resident Mason Sheppard and 22-year-old Florida resident Nima Fazeli, for their alleged role in the hack. 

"These crimes were perpetrated using the names of famous people and celebrities, but they're not the primary victims here," said Warren in a release. "This 'Bit-Con' was designed to steal money from regular Americans from all over the country, including here in Florida."

The scam bitcoin account received more than 400 transfers worth more than $100,000, according to the DOJ. 

Clark faces charges including organized fraud, communications fraud and fraudulent use of personal information. Sheppard faces charges including conspiracy to commit wire fraud and conspiracy to commit money laundering, while Fazeli is charged with aiding and abetting the intentional access of a protected computer.

"There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence," said US Attorney David Anderson in a release. "Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it."

Investigators reviewed chats on Discord, bitcoin transactions, and records from a hacked forum database to tie Sheppard and Fazeli to the Twitter bitcoin scam, legal documents show. 

CNET wasn't able to immediately identify the lawyers for the three suspects. Fazeli's father told the Associated Press that he thinks his son is innocent. "We are as shocked as everybody else," Mohamad Fazeli said. "I'm sure this is a mix up."

Twitter on Thursday said the hack -- which targeted the accounts of Elon MuskBill GatesKanye West, Barack Obama and other celebrities -- was the result of a spearphishing attack. Twitter said the attackers needed both access to Twitter's internal network and employee credentials that granted access to specific support tools. 

The hackers allegedly relied on an approach that typically involves bogus emails disguised as legitimate ones to fool recipients into revealing passwords or other sensitive information. Twitter said 130 accounts were targeted in the attack, with hackers managing to tweet from 45 accounts, accessing the direct message inboxes of 36 accounts and downloading the Twitter data from seven.

The Twitter hack fueled concern among politicians, cybersecurity experts and Twitter users that the social media site isn't prepared to combat election meddling and other security challenges. Election security has been a top concern for tech companies since Russian trolls used social media posts and ads on Facebook and Twitter to sow discord among Americans during the 2016 US presidential election.

"Increasingly we rely on platforms like Twitter to receive news and other information that is important to our lives. The Twitter VIP hack undermines public confidence in those information platforms. Everyone who uses Twitter or is influenced by it has been victimized by this hack," Anderson said in a video announcing the charges. 

In a statement posted to Twitter on Friday, the company said it appreciates the "swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses." Twitter added that it'll continue to provide updates.