Prosecutors in the United States said that a 17-year-old teenager and two others hacked all celebrity Twitter accounts, and exploited them in a scam to get a cryptocurrency.
Florida representatives said Graham Evan Clark, 17, of Tampa, was the "mastermind" of a Twitter hack last July 15 and faces 30 counts of felony, including 10 counts of using personal information in scams and 17 counts of fraud via the communications network .
Clark was arrested early on Friday, according to the Hillsborough County District Attorney's office.
In addition to Clark, federal authorities in the Northern California area also accused Mason Shepherd, 19, of Bognor Regis in the UK of conspiracy to commit fraud, conspiracy to commit money laundering, and the deliberate access of a protected computer. Neama Fadheli, 22, is from Orlando, charged with aiding and abetting the deliberate access of a computer that is protected for fraud.
These crimes were committed using famous names, but they are not the primary victims here. Attorney General Andrew Warren said in a statement that this crime was a prelude to a bitcoin fraud designed to steal money from ordinary Americans from all over the country, including Florida.
Warren, a Florida state attorney dealing with the case, added that Clark was adept enough not to be noticed on Twitter.
Security reports from Florida said Clark had convinced a Twitter employee that he was a tech partner and needed employee data to access the customer service portal. Once he got these data, he and his colleagues broke into 130 accounts.
Despite the intelligence of the intruders, their plan quickly collapsed. They left behind, according to court documents, clues about their true identities and rushed to conceal the money they had obtained as soon as the piracy process appeared to the public, which helped them to track quickly.
Less than a week after the accident, federal agents went to a house in northern California, interviewing another teenager who admitted taking part in the operation, whose name was not mentioned in the documents because he was a minor, and he gave the authorities information that helped them identify Shepherd.
Neama Fadel was arrested on Friday and released to house arrest after appearing in a Florida court, according to Abraham Simons, spokesman for the California District Attorney's Office.
Simmons told BuzzFeed News that he could not comment on the case.
And because Clark is under the age of 18, he was charged by the Florida state attorney in Tampa, and not by the federal authorities. His age also means that many details about his case will be kept confidential.
Federal authorities were already following Clark's Internet activity before hacking into Twitter, according to legal documents.
Account theft turned into the biggest breakthrough
Friday's documents largely confirm what many of the hackers involved in the attack told the New York Times two weeks ago, as the hack began as early as July 15 as a simple scheme to steal original user names and sell them normally.
But with the end of the day, the original account theft plan turned into the largest attack in the history of Twitter, as the attackers led by Clark, known as "Kirk", seized dozens of accounts of celebrities, famous companies and currency companies, to be used in a fraud to collect bitcoin where the digital currency flowed over Accounts of hackers.
The net worth of the currency they received was more than $ 180,000, according to New York Times.
The company said that while Twitter was finally able to stop the attack, the hackers had tweeted from 45 of the accounts they broke into, managed to access the direct messages of 36 accounts, and downloaded the full information from 7 accounts.
The authorities were able to identify the three individuals by tracking messages sent on Discord, an online messaging platform popular with hackers and hackers.
Cyber security experts said that the youth who participated in the violation are members of a community of hackers who focus on hacking accounts using a technique known as SIM Swapping, often targeting telecom companies to threaten victims' phone numbers and intercept login credentials.