The FBI found three hackers who committed the biggest Twitter violation in history because they were "extremely sloppy" at postponing their Bitcoin transactions.
Graham Ivan Clark, 17, from Tampa, Florida; Nima Fazeli, 22, from Orlando, Florida; and Mason Sheppard, 19, of Bognor Regis, UK, were all charged with the hack that took place on July 15.
On that day, the men conspired to kidnap Twitter accounts of famous people and companies – including Barack Obama, Kanye West, and Uber – before posting tweets asking for donations to a Bitcoin wallet.
“I'm giving something back to my church based on Covid-19. All Bitcoin sent to my address below will be sent back twice. If you send $ 1,000, I will send back $ 2,000, ”were the wrong tweets.
Authorities say the hackers made more than $ 100,000 in Bitcoin through the illegal system.
However, the adolescents were easily tracked down when the FBI launched its investigation.
Graham Ivan Clark, 17, of Tampa, Florida, is thought to be the pioneer of the July 15th hack
Former US President Barack Obama, the most visited account on Twitter, was one of the best-known targets used to carry out the Bitcoin scam
The authorities were able to access data on the Bitcoin addresses involved in the hack by analyzing the blockchain – a ledger that records cryptocurrency transactions.
They then tracked the addresses to Coinbase – a digital currency exchange that stores Bitcoin.
According to ZNET, both Fazeli and Sheppard had registered and verified their Coinbase accounts with their real driver's licenses.
Fazeli also used his private IP address, which meant that the investigators could easily track his location.
In addition, the alleged hackers were not concerned with the Bitcoin funds they had received to throw detectives off track. Such an act is called "tumbling" and is the digital equivalent of money laundering.
Cyber security expert Jake Williams told The Associated Press that their efforts were "sloppy."
"This is a great case study that shows how technology democratizes the ability to commit serious crimes," Williams said.
"There wasn't much development for this attack."
A British teenager has been accused of hacking the Twitter social media site and stealing thousands of dollars worth of Bitcoin by taking over the accounts of celebrities and executives (file photo)
Cyber security expert Marcus Hutchins agreed.
"I think people underestimate the experience needed to do this kind of hack. They may sound extremely sophisticated, but the techniques can be repeated by teenagers, ”he said.
According to court records, Fazeli and Sheppard only participated in the program in a hacking chat room after Clark considered the possibility of adopting Twitter handles with short names like @anxious and @foreign.
From then on, this scam appears to have evolved into a major hijacking of high profile accounts.
Investigators claim Clark, who recently graduated from Florida high school, was the mastermind of the entire episode.
Twitter has officially stated that the hacker – allegedly Clark – got access to a corporate dashboard that manages accounts on July 15.
He did this using social engineering and spear phishing smartphones to get credentials from "a small number" of Twitter employees to penetrate internal systems.
From there, the hackers targeted 130 accounts. They managed to tweet their fake tweet from 45 productive accounts.
They also accessed 36 other people's direct inboxes and downloaded Twitter data from seven different accounts.
Dutch anti-Islam MP Geert Wilders said his inbox was among those accessed.
All three suspected hackers are brought to trial separately.
According to Twitter, hackers have manipulated employees to access 130 accounts
Twitter said hackers "manipulated" some of its employees to access accounts.
According to Blockchain.com, which monitors crypto transactions, the virtual currency worth over $ 100,000 was sent to the email addresses listed in the tweets.
"We know they have access to tools that are only available to our internal support teams to target 130 Twitter accounts," said a statement on the Twitter blog.
For 45 of these accounts, the hackers were able to reset passwords, sign in, and send tweets while the personal information was downloaded by up to eight non-verified users.
Twitter blocked affected accounts and removed the fraudulent tweets. As a precaution, accounts are closed that are not affected by the hack.
(tagsToTranslate) Dailymail (t) News (t) Latest News (t) Crime (t) Twitter (t) Florida