Three individuals, including a British national and a juvenile, have been charged in the United States for carrying out a spear-phishing attack targeting Twitter employees in July and hijacking 130 Twitter accounts belonging to politicians, celebrities, and musicians.
The widely-publicised hacking attack involved a group of hackers carrying out a "phone spear phishing attack" targeting employees who had access to Twitter's account management tools. This way, the attackers obtained the credentials of some of the employees and used the credentials to access the company's internal systems.
The attackers then proceeded to target additional employees who had access to Twitter's account support tools. After obtaining their credentials, they targeted 130 Twitter VIP accounts, accessed direct messages of 36 accounts, tweeted from 45 accounts, and downloaded the Twitter data from seven accounts.
"This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems. This was a striking reminder of how important each person on our team is in protecting our service," Twitter said.
After gaining access to 130 Twitter VIP accounts, the hackers proceeded to tweet Bitcoin exchange deals, asking Twitter users to send certain amounts of BTC to a specified wallet address and receive a large sum in return. Considering these offers came from global celebrities themselves, many Twitter users fell for it, transferring more than $100,000 within a few hours before Twitter got the chance to sound an alarm
The blatant social engineering tactic involved hackers taking over the Twitter accounts of Tesla CEO Elon Musk, former Microsoft boss Bill Gates, former U.S. President Barack Obama, Democratic candidate Joe Biden, Amazon CEO Jeff Bezos, Michael Bloomberg, Kanye West, Kim Kardashian West, and the official Twitter accounts of Apple and Uber, among others.
Three young hackers carried out the spear-phishing scam targeting Twitter employees
According to the U.S. Department of Justice, three individuals have been charged in the United States for carrying out the Twitter hack on 16th July. They are 19-year-old Mason Sheppard of Bognor Regis in the UK, 22-year-old Nima Fazeli of Orlando, Florida, and 17-year-old Graham Clark of Tampa, Florida.
"The hackers are alleged to have created a scam bitcoin account, to have hacked into Twitter VIP accounts, to have sent solicitations from the Twitter VIP accounts with a false promise to double any bitcoin deposits made to the scam account, and then to have stolen the bitcoin that victims deposited into the scam account," the department said.
“Upon opening an investigation into this attack, our investigators worked quickly to determine who was responsible and to locate those individuals. While investigations into cyber breaches can sometimes take years, our investigators were able to bring these hackers into custody in a matter of weeks,” said San Francisco FBI Special Agent in Charge John F. Bennett.
“Regardless of how long it takes us to identify hackers, we will follow the evidence to where it leads us and ultimately hold those responsible for cyber intrusions accountable for their actions. Cyber criminals will not find sanctuary behind their keyboards,” he added.
“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence. Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived,” said U.S. Attorney David L. Anderson for the Northern District of California.
“Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it. In particular, I want to say to would-be offenders, break the law, and we will find you,” he added.