Brit among three charged for carrying out Twitter hack in July

Brit among three charged for carrying out Twitter hack in July

Liverpool boy Joseph O’Connor arrested in Spain for hacking Twitter last year

Three individuals, including a British national and a juvenile, have been charged in the United States for carrying out a spear-phishing attack targeting Twitter employees in July and hijacking 130 Twitter accounts belonging to politicians, celebrities, and musicians.

The widely-publicised hacking attack involved a group of hackers carrying out a “phone spear phishing attack” targeting employees who had access to Twitter’s account management tools. This way, the attackers obtained the credentials of some of the employees and used the credentials to access the company’s internal systems.

The attackers then proceeded to target additional employees who had access to Twitter’s account support tools. After obtaining their credentials, they targeted 130 Twitter VIP accounts, accessed direct messages of 36 accounts, tweeted from 45 accounts, and downloaded the Twitter data from seven accounts.

“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems. This was a striking reminder of how important each person on our team is in protecting our service,” Twitter said.

After gaining access to 130 Twitter VIP accounts, the hackers proceeded to tweet Bitcoin exchange deals, asking Twitter users to send certain amounts of BTC to a specified wallet address and receive a large sum in return. Considering these offers came from global celebrities themselves, many Twitter users fell for it, transferring more than $100,000 within a few hours before Twitter got the chance to sound an alarm

The blatant social engineering tactic involved hackers taking over the Twitter accounts of Tesla CEO Elon Musk, former Microsoft boss Bill Gates, former U.S. President Barack Obama, Democratic candidate Joe Biden, Amazon CEO Jeff Bezos, Michael Bloomberg, Kanye West, Kim Kardashian West, and the official Twitter accounts of Apple and Uber, among others.

Three young hackers carried out the spear-phishing scam targeting Twitter employees

According to the U.S. Department of Justice, three individuals have been charged in the United States for carrying out the Twitter hack on 16th July. They are 19-year-old Mason Sheppard of Bognor Regis in the UK, 22-year-old Nima Fazeli of Orlando, Florida, and 17-year-old Graham Clark of Tampa, Florida.

“The hackers are alleged to have created a scam bitcoin account, to have hacked into Twitter VIP accounts, to have sent solicitations from the Twitter VIP accounts with a false promise to double any bitcoin deposits made to the scam account, and then to have stolen the bitcoin that victims deposited into the scam account,” the department said.

“Upon opening an investigation into this attack, our investigators worked quickly to determine who was responsible and to locate those individuals. While investigations into cyber breaches can sometimes take years, our investigators were able to bring these hackers into custody in a matter of weeks,” said San Francisco FBI Special Agent in Charge John F. Bennett.

“Regardless of how long it takes us to identify hackers, we will follow the evidence to where it leads us and ultimately hold those responsible for cyber intrusions accountable for their actions. Cyber criminals will not find sanctuary behind their keyboards,” he added.

“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence. Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived,” said U.S. Attorney David L. Anderson for the Northern District of California.

“Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it. In particular, I want to say to would-be offenders, break the law, and we will find you,” he added.

Copyright Lyonsdown Limited 2021

Top Articles

Hackers are using hacked Chipotle email account to steal your passwords

Hackers have reportedly taken control of an email marketing account used by the Chipotle food chain and are using the account to fool Internet users to share their personal information…

Hackney Council exposed personal details of vulnerable citizens online

Hackney Council committed an IT blunder that publicly exposed the names and addresses of women placed in temporary accommodation for their own safety.

US medical imaging firm Express MRI discovers a major security breach

Express MRI suffered a security breach in July last year that potentially compromised the personal healthcare information of patients.

Related Articles

[s2Member-Login login_redirect=”” /]