17-year-old ‘mastermind,’ 2 other suspects behind Twitter hack, Bitcoin scam

Three suspects were arrested and have been charged Friday for the “Bit-Con” hack of high-profile Twitter accounts that occurred July 15, according to U.S. Attorney’s Office Northern District of California.

Florida Department of Law Enforcement confirms 17-year-old Graham Ivan Clark was arrested in Tampa Friday for the high-profile hack.

According to the FDLE Facebook post, Clark is the “mastermind” behind the hack and is accused of taking control of several accounts belonging to notable people, including former President Barack Obama, Elon Musk and Bill Gates. Investigators says he and two other suspects and used the accounts to spread a Bitcoin scam.

“He gained access to Twitter accounts and to the internal controls of Twitter through compromising a Twitter employee,” said Andrew Warren, the state attorney in Hillsborough County.

None of Clark’s charges are from the federal level but at the state level because the state attorney said there is more flexibility in Florida law to charge minors as adults in financial fraud cases.

Twitter says the hackers used the phone to fool employees at the social media company through a spear phishing attack.

“In your standard phishing attack, you will see the criminals cast a wide net,” said Rich Kolko, WINK News’ Safety and Security Specialist. “But, in a spear phishing attack, they are after specific high-ranking individuals.”

The scammers then hacked the accounts of high-profile individuals that also included presidential candidate Joe Biden and Amazon CEO Jeff Bezos — the list goes on.

The hackers are accuse of posting tweets telling people if they donated $1,000 in in Bitcoin, they would be given $2,000 in return.

“They’re going to make their play to get you to give up your money, in this case to buy Bitcoin,” Kolko explained. “They’re going to say things like, ‘You’ve only got a few minutes to decide’. It’s going to be a high-pressure sales tactic.”

Complaint claims show the scam Bitcoin account received more than 400 transfers that, in less than a day, accrued about $100,000.

“You don’t expect a kid, just a kid, my age to do that,” Marcos Grimado said.

People we talked with say they see how younger generations are connected to tech at very early ages and wonder if that’s why a crime of this magnitude involved two teenagers.

My little sister, she has her own phone at probably 7-years-old,” Grimado said. “All of it revolves around technology.”

Clark faces dozens of felony charges related to the hack.

U.S. Attorney’s Office Northern District of California confirmed the names of the two other suspects who were arrested and charged for the “Bit-Con” hack.

According to the court, suspect Mason Sheppard, aka “Chaewon,” 19, of Bognor Regis, in the United Kingdom, was charged in a criminal complaint in the Northern District of California with conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer.

Suspect Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida, was also charged in a criminal complaint in the Northern District of California with aiding and abetting the intentional access of a protected computer.

“The hackers allegedly compromised over 100 social media accounts and scammed both the account users and others who sent money based on their fraudulent solicitations,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division. “The rapid investigation of this conduct is a testament to the expertise of our investigators, our commitment to responding quickly to cyber attacks, and the close relationships we have built with law enforcement partners throughout the world.”

According to the court, as shared in submitted complaints, the Twitter attack consisted of a combination of technical breaches and social engineering. The result of the Twitter hack was the compromise of approximately 130 Twitter accounts pertaining to politicians, celebrities and musicians.

The hackers are accused of creating a scam Bitcoin account, to have hacked into Twitter VIP accounts, to have sent solicitations from the Twitter VIP accounts with a false promise to double any Bitcoin deposits made to the scam account, and then to have stolen the Bitcoin that victims deposited into the scam account.

FDLE says the investigation involved partnership between several local, state and federal agencies, including the FBI, IRS, U.S. Secret Service the United States Attorney’s Offices for the Middle District of Florida and for Northern California, and the State Attorney’s Office 13th Judicial Circuit, which will prosecute the case.