Teenager Arrested for Twitter Hack Targeting Uncle Joe and Others

[Overtures]

https://www.nytimes.com/2020/07/31/...tml?action=click&module=Alert&pgtype=Homepage


17 year old Clark.


“The authorities arrested a 17-year-old who they said ran a scheme that targeted the accounts of celebrities, including former President Barack Obama and Elon Musk.”

OAKLAND, Calif. — One by one, the celebrity Twitter accounts posted the same strange message: Send Bitcoin and they would send back double your money. Elon Musk. Bill Gates. Kanye West. Joseph R. Biden Jr. Former President Barack Obama. They, and dozens of others, were being hacked, and Twitter appeared powerless to stop it.

While some initially thought the hack was the work of professionals, it turns out the “mastermind” of one of the most high-profile hacks in recent years was a 17-year-old recent high school graduate from Florida, the authorities said on Friday.

Graham Ivan Clark was arrested in his Tampa apartment, where he lived by himself, early Friday, state officials said. He faces 30 felony charges in the hack, including fraud, and is being charged as an adult.

 

[Gregolian]

Maybe Twitter should offer the kid a job.... just kinda throwing it out there.

 

[Kandyland]

Maybe Twitter should offer the kid a job.... just kinda throwing it out there.

They'll rescind it once they find out he voted for Trump.

 

[HARRISON_3]

Detention looms

 

[Overtures]

Federal authorities were already tracking Mr. Clark before the Twitter hack. In April, the Secret Service seized over $700,000 worth of Bitcoin from him, according to legal documents. The Tampa youth faces 30 felony charges, including fraud, and is being charged as an adult.

 

[Zer]

 

[all caps]

Log in or create a free New York Times account to continue reading in private mode.
Support independent journalism.

See subscription options
More in Technology

Andrew Kelly/Reuters
Microsoft Said to Be in Talks to Buy TikTok, as Trump Weighs Curtailing App
3h ago

‘Hey, You Free on Friday for a Meeting and a Bank Heist?’
3h ago

Amazon Wins Without Even Trying
5h ago
Editors’ Picks

September Dawn Bottoms/The New York Times
Tailors Know New Yorkers’ Pandemic Secret: ‘Everybody Got Fat!’
July 25

Taylor Swift, a Pop Star Done With Pop
July 27

How to Talk to Your Friends About Money
5h ago



Access more of The Times by creating a free account or logging in.
Access more for fr

 

[nac386]

Throw the book at him. People like this have the ability to do much more harm than your average old school crook.

 

[jamel]

Sounds like he will be offered a job.

 

[MoparOrNoCar]

Log in or create a free New York Times account to continue reading in private mode.
Support independent journalism.

See subscription options
More in Technology

Andrew Kelly/Reuters
Microsoft Said to Be in Talks to Buy TikTok, as Trump Weighs Curtailing App
3h ago

‘Hey, You Free on Friday for a Meeting and a Bank Heist?’
3h ago

Amazon Wins Without Even Trying
5h ago
Editors’ Picks

September Dawn Bottoms/The New York Times
Tailors Know New Yorkers’ Pandemic Secret: ‘Everybody Got Fat!’
July 25

Taylor Swift, a Pop Star Done With Pop
July 27

How to Talk to Your Friends About Money
5h ago



Access more of The Times by creating a free account or logging in.
Access more for fr

Hard hitting reporting there. Good job NYT.

 

[TUFNewb]

He was just teaching future bitcoin holders the value of a trustless irreversible currency. Statist thugs can imprison his physical form but they will never take his private key.

 

[Long Dark Blues]

Hack the planet!

 

[Low Test With da Best]

I'm interested to hear what vulnerability was exploited, and whether or not they've fixed it.

Pretty fucked up a massively popular platform used by world leaders relies on jacked up 3rd world code.

Also curious to see if any famous users say "fuck it, it's not worth the risk of my personal messages getting hacked and exposed, I'm outta this dump!"

 

[Satanical Eve]

Kate Libby : Why'd he come to you?
Dade Murphy : I got a record! I was 'Zero Cool'!
Paul Cook : Zero Cool? Crashed fifteen hundred and seven computers in one day? Biggest crash in history, front page New York Times August 10th, 1988. I thought you was black man. YO THIS IS ZERO COOL

 

[Overtures]

I'm interested to hear what vulnerability was exploited, and whether or not they've fixed it.

Pretty fucked up a massively popular platform used by world leaders relies on jacked up 3rd world code.

Also curious to see if any famous users say "fuck it, it's not worth the risk of my personal messages getting hacked and exposed, I'm outta this dump!"

probably just exploited human error or a lapse somewhere in employee security protocols




I think the majority of hacking these days is phishing type stuff or really just knowing an ex employee

 

[Low Test With da Best]

probably just exploited human error or a lapse somewhere in employee security protocols




I think the majority of hacking these days is phishing type stuff or really just knowing an ex employee

I guess it could be, but that would mean that a Twitter employee could make posts from any user's Twitter page...seems like that shouldn't be the case, at all.

 

[Plissken]

Federal authorities were already tracking Mr. Clark before the Twitter hack. In April, the Secret Service seized over $700,000 worth of Bitcoin from him, according to legal documents. The Tampa youth faces 30 felony charges, including fraud, and is being charged as an adult.

Ambition, and work ethic like that at his age and he should be going places (I mean to prison probably, but hey).

 

[TUFNewb]

probably just exploited human error or a lapse somewhere in employee security protocols

A very complex social engineering attack it seems. This is from Twitter's blog:

The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7
https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html

Pretty crazy they must have done a lot of research and poked around calling phone numbers to figure all this out. Looking forward to an episode of American Greed about all this.

I think the majority of hacking these days is phishing type stuff or really just knowing an ex employee

Yes for companies the biggest cyber threats are probably spear phishing, ransomware, and "insider threats".

 

[tonni]

Pure villain.

 

[tonni]

They'll rescind it once they find out he voted for Trump.

He's 17?