Jul 31, 2020 - Technology

3 people charged in Twitter bitcoin hack

Illustration of the shadow of the Twitter bird logo over a big red button
Illustration: Sarah Grillo/Axios

Three individuals were charged on Friday for their alleged roles in a July 15 Twitter attack, including a Florida minor, according to the Justice Department.

Why it matters: The minor, a Tampa resident, faces 30 felony charges for “scamming people across America” as the “mastermind” behind a hack that targeted high-profile accounts, including former President Barack Obama, former Vice President Joe Biden, Jeff Bezos and Elon Musk.

  • The FBI and the Department of Justice conducted a countrywide investigation, the state attorney's office stated, finding and apprehending the minor in Hillsborough County.

Charges the minor faces include:

  • One count of organized fraud;
  • 17 counts of communications fraud;
  • One count of fraudulent use of personal information with more than $100,000 or at least 30 victims;
  • 10 counts of fraudulent use of personal information;
  • One count of access to computer or electronic device without authority.

Mason Sheppard, 19, from the U.K., faces charges for conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer.

Nima Fazeli, 22, from Orlando, Florida, was charged with aiding and abetting the intentional access of a protected computer.

What they're saying: “There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” United States Attorney David Anderson said in a statement Friday.

  • “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived."
  • "Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it. In particular, I want to say to would-be offenders, break the law, and we will find you.”

The big picture: Twitter announced Thursday that the attack "targeted a small number of employees through a phone spear phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems."

  • "By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts - Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7."

Go deeper: Twitter's torrent of woes

Go deeper