A British national, a Florida man and teen were arrested by law enforcement agents in connection to the recent online attack targeting the social media giant Twitter.
The trio were identified as the hackers that accessed the platform’s internal systems and took over the Twitter accounts belonging to notable individuals across many spheres of life – including politicians, celebrities and tech gurus.
The authorities lifted the lid on the suspects’ whereabouts after they managed to pull off one of the most talked-about hacking campaigns in recent history – in which victims were scammed $120,000 in Bitcoin.
In highlight, among the three suspects was 17-year-old Graham Ivan Clark who was apprehended in Tampa – with a news release intimating that he will be prosecuted as an adult.
Individually, Clark is facing thirty felony charges in a high profile case that is set to serve as a case study for cybercriminal incidents orchestrated by minors.
The Brazen Twitter Attack
The July 15 event was considered to be among one of the most significant cybersecurity breaches in recent history, where attackers sent out fake posts from compromised Twitter VIP accounts – including that of former U.S. President Barack Obama, Democratic presidential candidate Joe Biden, Microsoft Founder Bill Gates, tech entrepreneur Elon Musk and rapper Kanye West.
The tweets asked followers for Bitcoin deposits to be made to a prescribed Bitcoin address, after which the crypto would be doubled and sent back to the senders.
While responding to the online attack, Twitter acknowledged the security breach and termed the incident as a “coordinated social engineering attack” that was designed to target a number of its employees with access to internal systems.
The social media giant did not provide further information beyond this point, but observers believe that the hackers used the traditional cyber technique of talking their way through the company’s security protocols.
A Sloppy Hacking Job
In a statement, U.S. Attorney David L. Anderson for the Northern District of California noted the cybercriminal error in thinking that attacks like the Twitter breach can be conducted anonymously and without consequences.
The official asserted that the charging of the suspects made a huge statement concerning law enforcement operations against the rampant occurrence of hackers targeting secure environments for profit.
The fact that Clark was the leader of the Twitter hack highlights the uniqueness of the case. Although investigations into the attack were done by the FBI and the U.S. Department of Justice, the case will be reportedly moved to a Florida state court to allow the minor to be charged as an adult according to Florida law.
Otherwise, it turns out that security pundits were rather unsurprised by recent investigative details to the case – specifically on the realization that the accused mastermind of the hack is a 17-year-old. Experts noted the amateurish nature of the operation to back this point, including the fact that the threat actors were willing to speak about the attack with reporters online.
One Jake Williams, the founder of cybersecurity company Rendition Infosec reflected on the case by highlighting the role of technology in enabling the planning and execution of serious criminal acts.
Like other experts, Williams was not surprised by the fact that one of the suspects linked to the attack is a minor. According to the computer science and information security experts, not much work was invested into development of the attack.
Williams termed the hackers’ actions as “extremely sloppy” in how they attempted to launder the stolen Bitcoins. The commentator noted that the hackers failed to employ the currently-existing crypto tumbling services that would help them obscure the destination of the Bitcoins, in order to avoid law enforcement detection.
Join us on Dread, Tape and Hotmilk forums