A teenager from Florida has been identified as the mastermind behind a Twitter hack earlier this month which targeted the accounts of politicians, celebrities and businesspeople.
The 17-year-old was arrested in Tampa on Friday, and he faces 30 felony charges, according to prosecutors, who said he would be charged as an adult.
A 19-year-old from Bognor Regis in the UK, Mason Sheppard, and Nima Fazeli, 22, from Orlando, were both charged separately, accused of benefiting from the hack.
On July 15 tweets were sent out from the accounts of Barack Obama, Joe Biden, Mike Bloomberg, Jeff Bezos, Bill Gates and Elon Musk, while the accounts of some celebrities were also compromised.
The tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address, resulting in people around the world being scammed out of more than $100,000 in Bitcoin.
Court papers in the California cases say Fazeli and Sheppard brokered the sale of Twitter accounts stolen by a hacker who identified himself as “Kirk” and said he could “reset, swap and control any Twitter account at will” in exchange for cybercurrency payments, claiming to be a Twitter employee.
The documents do not specify Kirk’s real identity but say he is a teen being prosecuted in the Tampa area.
Twitter has said the hacker gained access to a company dashboard that manages accounts by using social engineering and spear-phishing smartphones to obtain credentials from “a small number” of Twitter employees “to gain access to our internal systems.” Spear-phishing uses email or other messaging to deceive people into sharing access credentials.
“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” US Attorney David L Anderson for the Northern District of California said in a news release.
The evidence suggests, however, that those responsible did a poor job indeed of covering their tracks. The court documents show how federal agents tracked down the hackers through Bitcoin transactions and by obtaining records of their online chats.
Security experts were not surprised that the alleged mastermind is a 17-year-old, given the relatively amateurish nature of both the operation and how participants discussed it with New York Times reporters afterward.
“This is a great case study showing how technology democratises the ability to commit serious criminal acts,” said Jake Williams, founder of the cybersecurity firm Rendition Infosec. “There wasn’t a ton of development that went into this attack.”
Williams said the hackers were “extremely sloppy” in how they moved the Bitcoin around. It did not appear they used any services that make cryptocurrency difficult to trace by “tumbling” transactions of multiple users, a technique akin to money laundering, he said.
The hack targeted 130 accounts with tweets being sent from 45 accounts, obtained access to the direct message inboxes of 36, and downloaded Twitter data from seven. Dutch far-right politician Geert Wilders has said his inbox was among those accessed.