Cryptocurrency Fraud , Fraud Management & Cybercrime , Social Engineering

Florida Teen Pleads Guilty in 2020 Twitter Hack

Graham Clark Sentenced to Serve 3 Years in Juvenile Facility
Florida Teen Pleads Guilty in 2020 Twitter Hack
Graham Ivan Clark (Photo: Hillsborough County Sheriff’s Office)

The Florida teen whom prosecutors call the mastermind behind last year's hack of 130 high-profile Twitter accounts to wage a cryptocurrency scam pleaded guilty Tuesday and was sentenced to serve three years in a juvenile facility.

See Also: Live Webinar | A Buyers' Guide: What to Consider When Assessing a CASB

Graham Ivan Clark , who is now 18, pleaded guilty to 30 felony charges stemming from a worldwide Twitter hack during which he gained access to celebrity Twitter accounts by tricking several Twitter employees into sharing needed admin credentials.

Clark used this access to post a tweet on 45 of the accounts asking for donations of $1,000 in bitcoin. The note said anyone sending the money would be sent $2,000 in return. This resulted in about $118,000 being stolen from 360 people, the state attorney's office in Tampa, Florida, says.

"He took over the accounts of famous people, but the money he stole came from regular, hardworking people, says Andrew Warren, the state attorney in Florida's 13th Judicial District, who prosecuted the case. "Graham Clark needs to be held accountable for that crime, and other potential scammers out there need to see the consequences."

By agreeing to the deal, Clark was sentenced as a juvenile under Florida's Youthful Offender Act, with the seven months he has already spent in jail being counted against the sentence. He was originally charged as an adult. If Clark violates the terms of his three-year probation, he will face a 10-year sentence in an adult prison, prosecutors say.

The Scam

Clark was arrested on July 30, 2020 - when he was 17 years old - for conducting the campaign that allowed him to gain access to 130 Twitter accounts, including those of now President Joe Biden, Bill Gates and Elon Musk.

Using social engineering techniques, Clark conducted a multistep telephone scam against several Twitter employees to obtain the admin-level credentials needed for accessing the internal support tools available to only a few employees that would allow him to take over the celebrity accounts, Twitter said in a report issued last year.

On July 15, 2020, Clark used the stolen admin tool to access Twitter's internal system and formally took control of the accounts, Warren says. Posing as account owner, he posted messages on 45 accounts with the same theme:

Bill Gates' verified Twitter account was hijacked for a cryptocurrency scam. (Source: SeekingAlpha)

About 360 people fell for the crytocurrency scam, sending in 12.86 bitcoin, which equaled $117,440 at the time, Warren says. Law enforcement authorities seized the money, and it will be returned to its owners, the prosecutor says.

The Co-Conspirators

Two alleged co-conspirators also charged in connection to the July 2020 hack are Nima Fazeli, aka Rolex, 22, of Orlando, and U.K. resident Mason Sheppard, aka Chaewon, 19.

Fazeli was arrested and charged with aiding and abetting the intentional access of a protected computer. Sheppard was charged with conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer, according to the U.S. Attorney's Office for the Northern District of California, which is overseeing the federal prosecutions.

Court documents dated Feb. 1 state Fazeli and prosecutors are negotiating a potential resolution of the case. A hearing on the matter was set for March 8, but at this time, no other information from the Justice Department is available.

Fazeli's lawyers did not immediately reply to a request for an update on his case.

Sheppard's case is still pending.


About the Author

Doug Olenick

Doug Olenick

News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to joining ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to Forbes.com, TheStreet and Mainstreet.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.