The “Bit-Con” hack of prominent Twitter users earlier this month has led to criminal charges from money laundering to organized fraud against three people, two of whom were only teens.
Hillsborough State Attorney Andrew Warren said Friday that 17-year-old Graham Ivan Clark was the mastermind in the hack of dozens of politicians and business leaders, including Microsoft founder Bill Gates, former President Barack Obama, and Tesla founder Elon Musk.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here. This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that,” Warren said.
Clark was charged with 1 count of organized fraud, 17 counts of communications fraud, 10 counts of fraudulent use of personal information, and 1 count of accessing a computer or electronic device without authority.
The U.S. Attorney for the Northern District of California charged 19-year-old Mason Sheppard of the United Kingdom with "conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer."
He also charged 22-year-old Nima Fazeli with aiding and abetting the intentional access of a protected computer.
Once the Twitter accounts were hacked, the scammers sent out tweets saying that the wealthy people would double donations to coronavirus relief funds, with a link to donate through bitcoin. The scam netted them more than $100,000.
The hackers used bitcoin because the cryptocurrency is supposed to be hard to track, but federal investigators say they were able to track the hackers down through bitcoin's decentralized public ledger.
Investigators “analyzed the blockchain and de-anonymized bitcoin transactions allowing for the identification of two different hackers," said Kelly R. Jackson, the special agent in charge of IRS criminal investigations in Washington, D.C. "This case serves as a great example of how following the money, international collaboration, and public-private partnerships can work to successfully take down a perceived anonymous criminal enterprise."
Twitter said in a blog post Thursday that the hackers gained access to 130 accounts, tweeted from 45, and could see the direct messaging inboxes of 36.
"The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear-phishing attack," Twitter said. "This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.