How the FBI tracked down the prominent Twitter hackers: cybercriminals were "extremely sloppy"

The FBI found three hackers who committed the biggest Twitter violation in history because they were "extremely sloppy" at postponing their Bitcoin transactions.

Graham Ivan Clark, 17, from Tampa, Florida; Nima Fazeli, 22, from Orlando, Florida; and Mason Sheppard, 19, of Bognor Regis, UK, were all charged with the hack that took place on July 15.

On that day, the men conspired to kidnap Twitter accounts of famous people and companies – including Barack Obama, Kanye West, and Uber – before posting tweets asking for donations to a Bitcoin wallet.

“I'm giving something back to my church based on Covid-19. All Bitcoin sent to my address below will be sent back twice. If you send $ 1,000, I will send back $ 2,000, ”were the wrong tweets.

Authorities say the hackers made more than $ 100,000 in Bitcoin through the illegal system.

However, the adolescents were easily tracked down when the FBI launched its investigation.

Former US President Barack Obama, the most visited account on Twitter, was one of the best-known targets used to carry out the Bitcoin scam

The authorities were able to access data on the Bitcoin addresses involved in the hack by analyzing the blockchain – a ledger that records cryptocurrency transactions.

They then tracked the addresses to Coinbase – a digital currency exchange that stores Bitcoin.

According to ZNET, both Fazeli and Sheppard had registered and verified their Coinbase accounts with their real driver's licenses.

Fazeli also used his private IP address, which meant that the investigators could easily track his location.

In addition, the alleged hackers were not concerned with the Bitcoin funds they had received to throw detectives off track. Such an act is called "tumbling" and is the digital equivalent of money laundering.

Cyber ​​security expert Jake Williams told The Associated Press that their efforts were "sloppy."

"This is a great case study that shows how technology democratizes the ability to commit serious crimes," Williams said.

"There wasn't much development for this attack."

A British teenager has been accused of hacking the Twitter social media site and stealing thousands of dollars worth of Bitcoin by taking over the accounts of celebrities and executives (file photo)

Cyber ​​security expert Marcus Hutchins agreed.

"I think people underestimate the experience needed to do this kind of hack. They may sound extremely sophisticated, but the techniques can be repeated by teenagers, ”he said.

According to court records, Fazeli and Sheppard only participated in the program in a hacking chat room after Clark considered the possibility of adopting Twitter handles with short names like @anxious and @foreign.

From then on, this scam appears to have evolved into a major hijacking of high profile accounts.

Investigators claim Clark, who recently graduated from Florida high school, was the mastermind of the entire episode.

Twitter has officially stated that the hacker – allegedly Clark – got access to a corporate dashboard that manages accounts on July 15.

He did this using social engineering and spear phishing smartphones to get credentials from "a small number" of Twitter employees to penetrate internal systems.

From there, the hackers targeted 130 accounts. They managed to tweet their fake tweet from 45 productive accounts.

They also accessed 36 other people's direct inboxes and downloaded Twitter data from seven different accounts.

Dutch anti-Islam MP Geert Wilders said his inbox was among those accessed.

All three suspected hackers are brought to trial separately.