Three arrests were made Friday (July 31) in California, including a juvenile, the alleged mastermind, for their alleged roles in the Twitter hack that took place on July 15, according to the U.S. Attorney’s Office in the Northern District of California.
In the worst cyberattack in Twitter’s 14-year history, hackers commandeered more than 100 high-profile accounts.
While the U.S. Attorney’s Office said the identities of defendants under 18 are not made public, The Wall Street Journal reported the boy’s name is Graham Ivan Clark, a 17-year-old Tampa resident. He was arrested and charged as an adult in connection with the incident, during which several prominent accounts, including those of Joe Biden, Elon Musk, and Apple Inc., were seized to promote a cryptocurrency scam.
“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” said U.S. Attorney David L. Anderson in a statement. “Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it. In particular, I want to say to would-be offenders, break the law, and we will find you.”
In addition to Clark, Mason Sheppard, aka “Chaewon,” 19, of the United Kingdom, was charged with conspiracy to commit wire fraud, money laundering and the intentional access of a protected computer.
Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida, faces charges of aiding and abetting the intentional access of a protected computer.
The trio allegedly compromised more than 100 social media accounts and scammed the account users into sending bitcoin to a single wallet. The scammers made off with about $100,000 in their fraudulent cryptocurrency solicitations.
The arrests come on the same day Twitter updated users about the investigation of the massive security breach.
In a Tweet, the San Francisco-based social networking service said “We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly.”
Since the attack, Twitter said it has limited access to internal tools and systems to ensure ongoing account security while the investigation is completed.
Anderson detailed the investigation and charges in a statement posted on YouTube.