Two teens and a man in his early 20s have been arrested for the account hijacking cyber-attack on high-profile Twitter users that took place in mid-July.
The three males are Mason Sheppard (aka “Chaewon”), 19, of Bognor Regis in the UK, Nima Fazeli (aka “Rolex”), 22, of Orlando, Florida, and a 17-year-old boy from Tampa, Florida.
Sheppard has been charged with conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer, while Fazeli has been charged with aiding and abetting the intentional access of a protected computer.
The 17-year-old’s charges have been sealed to protect his identity, although reports suggest he was the ringleader of the attack and faces 30 felony charges. He is being tried in a state court as Florida law reportedly allows minors to be charged as adults in some financial crime cases.
The three are said to have spear-phished Twitter employees by phone to gain access to internal support tools. They then used these to access 130 high-profile accounts, tweeting from over 40 including several corporate accounts like Apple, Bitcoin and Coinbase, as well as business leaders and celebrities.
These included Jeff Bezos, Bill Gates, Barack Obama, Joe Biden, Elon Musk, Kanye West and many others. The messages were designed to trick followers into sending digital currency to a scam Bitcoin account the three had created.
They are said to have received $100,000 from more than 400 transfers of funds.
More worryingly, the three managed to also gain access to private DMs from 36 accounts and downloaded data from seven.
Kelly Jackson, IRS-Criminal Investigation (IRS-CI) special agent in charge of the Washington DC Field Office, argued that her team was able to unravel the mystery of the attack by analyzing the hackers’ attempts to launder their funds.
“The Washington DC Field Office Cyber Crimes Unit analyzed the blockchain and de-anonymized bitcoin transactions allowing for the identification of two different hackers,” she continued.
“This case serves as a great example of how following the money, international collaboration and public-private partnerships can work to successfully take down a perceived anonymous criminal enterprise. Regardless of the illicit scheme, and whether the proceeds are virtual or tangible, IRS-CI will continue to follow the money and unravel complex financial transactions.”