THE MASTERMIND BEHIND A massive Twitter hack earlier this month that compromised the site’s security, took over the accounts of some of the most influential people in the world and raised grave concerns about the ability of bad actors to spread damaging misinformation was a 17-year-old boy from Florida, officials announced Friday.
The teenager was arrested Friday and has been charged as an adult with more than 30 felony counts, including communications fraud, identity theft and hacking, Hillsborough State Attorney Andrew Warren announced. The FBI, IRS, Secret Service and the U.S. attorney’s office for the Northern District of California worked with Florida law enforcement to ultimately identify and charge the teen, who lives in Tampa, Florida, Warren said.
Warren described the teen as the “mastermind” behind the attack.
“He’s a 17-year-old kid who just graduated high school, but make no mistake, this was not an ordinary 17-year-old. This was a highly sophisticated attack on a magnitude not seen before,” Warren said.
Two other people were charged Friday in connection with the attack, the U.S. Attorney’s Office for the Northern District of California said in a press release. Mason Sheppard, aka “Chaewon,” a 19-year-old resident of the U.K., was charged with conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer. Nima Fazeli, a 22-year-old who lives in Orlando, Florida, and goes by “Rolex,” was charged with aiding and abetting the intentional access of a protected computer.
The July 15 hack was the biggest known breech in Twitter’s history and left the social media giant scrambling to re-secure the site. Twitter temporarily blocked verified accounts from tweeting in the wake of the attack.
The accounts of dozens of prominent figures, including Amazon CEO Jeff Bezos, former President Barack Obama and rapper Kayne West, were co-opted during the hack, and the accounts posted messages encouraging their followers to send the digital currency bitcoin to an anonymous address under the guise of a fake philanthropy scheme in which the accounts promised to double and send back the money. The scam netted more than $100,000 in bitcoin.
“Keep in mind that, besides the dollar amount that was stolen, this could have had a massive, massive amount of money stolen from people. It could have destabilized financial markets both in American and across the globe because he had access to powerful politicians’ Twitter accounts. He could have undermined American politics as well as international diplomacy,” Warren said.
Twitter said Thursday that the person or people behind the hack were able to target the phones and steal the credentials of Twitter employees. The hackers then targeted 130 Twitter accounts, tweeting from 45, accessing the direct messaging inbox of 30 and downloading the Twitter data of seven, the company said.
“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter said.