Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Teenage ‘mastermind’ involved in celebrity Twitter hack will serve three-year sentence

People sent the equivalent of $117,440 to the hacker

Rachel Lerman
Thursday 18 March 2021 00:15 GMT
Comments
Russia Twitter
Russia Twitter (Copyright 2021 The Associated Press. All rights reserved.)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A Florida teenager who was involved in the high-profile and massive hack of Twitter last year has reached a plea deal with prosecutors and will serve three years in a juvenile facility, followed by three years of probation.

Graham Ivan Clark, now 18, was the “mastermind” of the so-called “Bit-Con” hack, authorities said, and one of three charged in the immediate aftermath of the incident. He pleaded guilty to all charges according to the Office of the State Attorney 13th Judicial Circuit in Tampa. Charges included organized fraud, communications fraud and fraudulent use of personal information.

The massive security breach targeted accounts with huge followings, including those belonging to Tesla chief executive Elon Musk, Amazon chief executive Jeff Bezos, then-presidential candidate Joe Biden, former president Barack Obama and others. Hackers posted tweets instructing people to send cryptocurrency to the same bitcoin address, saying they would get their money back.

People sent the equivalent of $117,440 to the account.

“He took over the accounts of famous people, but the money he stole came from regular, hard-working people,” Hillsborough State Attorney Andrew Warren said in a statement.

Twitter played Whac-A-Mole with the tweets throughout the day on July 15, removing them after they popped up. But it wasn’t until later that night that Twitter seemed to mostly regain control, after shutting down all verified accounts for more than two hours. The next day, as federal investigations started to heat up, some people still were not able to access their accounts. Twitter said at the time it had locked down any accounts that tried to change their passwords in the past 30 days “out of an abundance of caution.”

The scale and longevity of the hack showed just how vulnerable even sophisticated technologies can be to security breaches. Last summer, cybersecurity expert Rachel Tobac said it was “extremely lucky” that the attackers were trying to get money and not cause mass chaos.

The attack was orchestrated through a phone spearphishing scheme, Twitter said last year. Hackers called employees, and tricked them into giving the attackers access to some internal Twitter tools, which eventually led them to take over account support controls.

In the aftermath, Twitter said it had “significantly limited access” to the internal control tools and was improving the way it detects breaches.

Clark, who was 17 when the hack occurred, is expected to remain under supervision during probation until he is 23 years old. Authorities seized the money he collected during the hack and said it is expected to be returned to people who sent it.

Washington Post

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in