FBI arrests three men, including 17-year-old “mastermind”, for the celebrity Twitter hack; here is how the FBI tracked down the Twitter hackers
Earlier, on July 15, Bitcoin cryptocurrency scammers went on a mass hacking spree, breaking into the verified and 2FA-enabled Twitter accounts of celebrities. The scammers hacked into 130 Twitter accounts and managed to tweet from 45 verified celebrity accounts, urging the celebrities' followers to send them bitcoins. They also accessed the direct message inboxes of 36 celebrities and downloaded the Twitter data from seven accounts.
The FBI today charged two teenagers and a 22-year-old man with hacking the Twitter accounts of famous people including former President Barack Obama, billionaire Bill Gates and Tesla Chief Executive Elon Musk, the Department of Justice said on Friday. The three men arrested for the celebrity Twitter hack are:
- Mason Sheppard, aka “Chaewon,” 19, of Bognor Regis, in the United Kingdom
- Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida
- Graham Ivan Clark, aka “Kirk,” 17, of Tampa, Florida
The mastermind, or gang leader, of this team was 17-year-old Clark, the FBI said. He started the hacking process on 3rd May after he allegedly gained access to the Twitter users’ admin panel by spear-phishing a Twitter employee. A New York Times report contradicts this information and says that Clark initially gained access to one of Twitter’s internal Slack workspaces, and not to Twitter itself.
After gaining access, Clark used Discord, under the handle Kirk#5270, to connect with Fazeli (Rolex#037) and Sheppard (ever so anxious#0001) and solicit the sale of hacked Twitter accounts. Clark sold Sheppard access to multiple short-form Twitter accounts, such as @xx, @dark, @vampire, @obinna, and @drug.
Clark convinced the other two that he was a Twitter employee with unrestricted access to the Twitter internal admin panel. Sheppard and Fazeli struck a deal with Clark to post ads on the OGUsers Forum to sell hacked Twitter accounts. This is when the trio hatched the fateful 15th July cryptocurrency scam by hacking into the Twitter accounts of Barack Obama, Joe Biden, Bill Gates, Elon Musk, Jeff Bezos, Apple, Uber, Kanye West, Kim Kardashian, Floyd Mayweather, Michael Bloomberg, and others.
The tweets made by the hackers asked the celebrities' Twitter followers to send them bitcoins and promised to double the amount. Many gullible followers of the above Twitter accounts fell victim to the scam and sent 12.83 bitcoin, or around $117,000, to the hackers. Many cryptocurrency exchanges, like Coinbase, acted swiftly and blocked bitcoin transfers to the wallets mentioned by the hackers. Coinbase said that it had prevented close to $284,000 in bitcoin from being transferred to the hackers.
How did the FBI nab Clark, Sheppard, and Fazeli?
The Twitter hack happened on 15th June, and Twitter subsequently filed a formal criminal complaint with authorities. The FBI started sifting through all the data about the celebrity Twitter hack posted on social media, forums, and electronic media. From there they were able to track down the chat logs and the hackers' user details from Discord. They also went through the OGUsers Forum database leaked online in April 2020. This database contained details on registered forum users, such as emails and IP addresses, as well as private messages.
Next, the FBI obtained the bitcoin wallets posted by the hackers in the tweets and matched them to the wallets used and mentioned by the three hackers in the past in Discord chats and OGUsers forum posts. All this data led them to Clark and then eventually to Sheppard and Fazeli.
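The wallet matching described above can be sketched in code. This is an added example, not code from the FBI complaint or from the original article: every handle, email, IP and address in it is constructed, and the regex checks only the shape of an address, not its checksum.

```python
import re
from collections import defaultdict

# Shape-only match for bech32 and legacy Base58 addresses (no checksum check).
ADDR_RE = re.compile(
    r"\b(?:bc1[ac-hj-np-z02-9]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})\b")

# Constructed, address-shaped placeholders; not real wallets.
ADDR_A = "bc1q" + "x" * 38
ADDR_B = "1" + "A" * 33
ADDR_C = "3" + "C" * 33

# Constructed records standing in for the three sources named in the article.
TWEETS = [{"account": "@verified_account",
           "text": f"Send BTC to {ADDR_A} and I will double it!"}]
DISCORD = [
    {"handle": "seller#0000", "text": f"pay for the handle here: {ADDR_A}"},
    {"handle": "buyer#1111", "text": f"my wallet is {ADDR_B}, thanks"},
]
FORUM = [
    {"user": "seller_forum", "email": "seller@example.test",
     "ip": "192.0.2.10", "text": f"Middleman fee goes to {ADDR_A}."},
    {"user": "bystander", "email": "other@example.test",
     "ip": "198.51.100.7", "text": f"tip jar: {ADDR_C}"},
]

def correlate(tweets, discord, forum):
    """Return {seed address: identities in other sources that mention it}."""
    seeds = {a for t in tweets for a in ADDR_RE.findall(t["text"])}
    seen = defaultdict(set)
    for msg in discord:
        for addr in ADDR_RE.findall(msg["text"]):
            seen[addr].add(("discord", msg["handle"]))
    for post in forum:
        for addr in ADDR_RE.findall(post["text"]):
            seen[addr].add(("forum", post["user"], post["email"], post["ip"]))
    # Only addresses seeded by the scam tweets are pivots; the rest is noise.
    return {a: sorted(seen[a]) for a in sorted(seeds) if a in seen}

if __name__ == "__main__":
    for addr, hits in correlate(TWEETS, DISCORD, FORUM).items():
        print(addr)
        for hit in hits:
            print("   ", hit)
```

A single shared address ties a chat handle to a forum account, and the forum record in turn carries the registration email and IP address that the leaked database exposed.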
17-year-old Graham Clark has been charged with 30 felonies of communications against spamming with hundreds of accounts, according to a Florida news channel.
19-year-old Mason Sheppard has been charged with conspiracy to commit wire fraud, commit money laundering, and access to a protected computer.
22-year-old Nima has been charged with aiding and abetting the intentional access of a protected computer, according to the U.S. Department of Justice press release.