The massive Twitter security breach that took over the accounts of President Barack Obama, Joe Biden, Bill Gates, Elon Musk, Kanye, Apple and more on July 15th. The one that appeared to be the work of a hoard of state-sponsored attackers or an organized crime outfit. Yeah, it was two teens and a 22-year-old from Florida. And they’re throwing dozens of charges at them before they, you know, ultimately hire them to work for the government.
Early this morning, the FBI, IRS, US Secret Service, and Florida law enforcement placed 17-year-old Graham Ivan Clark from Tampa, Florida (Hillsborough County) [Geek Slop guild members, see additional secured information, including unredacted arrest documents, below], under arrest — accusing him of being the “mastermind” behind the biggest security breach in Twitter’s history. Shortly after the arrest, two more individuals were formally charged by the US Department of Justice, including 22-year-old Nima Fazeli in Orlando and 19-year-old Mason Sheppard in the UK. They go by the hacker aliases “Rolex” and “Chaewon” respectively, according to the DOJ.
Fazell faces 5 years in prision and a $250,000 fine for one count of computer intrusion. Shepard faces three charges – computer intrusion, wire fraud conspiracy, and money laundering conspiracy and faces a 20-year sentence and a $250,000 fine. According to documents, Sheppard had used a personal drivers’ license to verify himself with the Binance and Coinbase cryptocurrency exchanges, and his accounts were found to have sent and received some of the scammed Bitcoins. So it seems like he and maybe Fazell turned evidence over to the feds about Clark who faces the steepest charges. Clark, who had just graduated high school, is being charged with over 30 felony accounts including organized fraud, communications fraud, identity theft, and hacking. He is being charged as an adult in the case.
it’s worthy to note also that part of the information used in the case came from the OGUsers forum database that was hacked around April 2020, right after this whole debacle began. The FBI claims that they “obtained a copy of this database” which contained public forum postings, ip addresses, email addresses, etc. This led them to Mason Shepherd.
Also, it seems as if a fourth person from California could be involved, possibly as a participant in the scam that agreed to turn evidence over to the authorities.
In addition to scamming users out of Bitcoin, the attackers accessed the private direct messages of 36 Twitter users, including one elected official, and may have downloaded even larger caches of data for 7 other users.
Finally, it’s important to note that Discord participated in the arrests too. On July 17, 2020, according to legal documents, Discord “provided the content of Discord messaging accounts, which included Discord chats”.
Here is the Hillsborough State Attorney’s Office press release.
Hillsborough State Attorney’s Office tapped to prosecute worldwide “Bit-Con” hack of prominent Twitter users
Tampa, FL (July 31, 2020) — Hillsborough State Attorney Andrew Warren has filed 30 felony charges against a Tampa resident for scamming people across America, perpetrating the “Bit-Con” hack of prominent Twitter accounts including Bill Gates, Barack Obama, and Elon Musk on July 15, 2020.
The Federal Bureau of Investigation and the U.S. Department of Justice conducted a complex nationwide investigation, locating and apprehending the suspect in Hillsborough County.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here. This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that,” State Attorney Warren said.
The investigation revealed REDACTED, 17, was the mastermind of the recent hack of Twitter. He was arrested in Tampa early on July 31. REDACTED’s scheme to defraud stole the identities of prominent people, posted messages in their names directing victims to send Bitcoin to accounts associated with REDACTED, and reaped more than $100,000 in Bitcoin in just one day. As a cryptocurrency, Bitcoin is difficult to track and recover if stolen in a scam.
“I want to congratulate our federal law enforcement partners—the US Attorney’s Office for the Northern District of California, the FBI, the IRS, and the Secret Service—as well as the Florida Department of Law enforcement. They worked quickly to investigate and identify the perpetrator of a sophisticated and extensive fraud,” State Attorney Warren said.
“This defendant lives here in Tampa, he committed the crime here, and he’ll be prosecuted here,” Warren added. The Hillsborough State Attorney’s Office is prosecuting REDACTED because Florida law allows minors to be charged as adults in financial fraud cases such as this when appropriate. The FBI and Department of Justice will continue to partner with the office throughout the prosecution.
The specific charges REDACTED faces are:
ORGANIZED FRAUD (OVER $50,000) – 1 count
COMMUNICATIONS FRAUD (OVER $300) – 17 counts
FRAUDULENT USE OF PERSONAL INFORMATION (OVER $100,000 OR 30 OR MORE VICTIMS) – 1 count
FRAUDULENT USE OF PERSONAL INFORMATION – 10 counts
ACCESS COMPUTER OR ELECTRONIC DEVICE WITHOUT AUTHORITY (SCHEME TO DEFRAUD) – 1 count
“Working together, we will hold this defendant accountable,” Warren said. “Scamming people out of their hard-earned money is always wrong. Whether you’re taking advantage of someone in person or on the internet, trying to steal their cash or their cryptocurrency—it’s fraud, it’s illegal, and you won’t get away with it.”