Photographer: Gabby Jones/Bloomberg
Photographer: Gabby Jones/Bloomberg
The alleged mastermind behind the July 15 hack of Twitter accounts of business titans, celebrities and a former president didn’t need sophisticated hacking tools to pierce the company’s security system. Rather, he convinced an information technology employee at Twitter that he was a colleague who needed login credentials to access the company’s customer support platform, according to law enforcement officials.
It worked, in spectacular fashion.
Graham Ivan Clark, 17, allegedly hijacked 130 Twitter accounts as part of a cryptocurrency scam, according to a criminal affidavit filed in Tampa, Florida. The accounts that were hacked included those of former President Barack Obama, Amazon.com Inc. Chief Executive Officer Jeff Bezos and Tesla Inc. CEO Elon Musk.
Clark, who authorities said had just graduated from high school, now faces 30 felony charges for hacking those accounts, posting messages on their behalf and luring additional victims into sending him Bitcoin donations worth more than $100,000, according to law enforcement. Two others were charged by federal authorities for allegedly aiding in the scheme by serving as brokers on the sale of compromised Twitter accounts: Mason Sheppard, 19, of the U.K., and Nima Fazeli, 22, of Orlando.
Lawyers or family members for the defendants couldn’t be located for comment. Clark’s mother, Emiliya Clark, told NBC News that her son was innocent. “I believe he didn’t do it. I’ve spoken to him every day,” she said. “I’m devastated.”
Twitter thanked law enforcement for swiftly making arrests. In its most recent update on the hack, on July 30, the company acknowledged that employees were duped into sharing sensitive information over the phone and that it has decided to temporarily limit access to its internal tools as it seeks to understand the scope of the breach, while improving its security protocols to “make them even more sophisticated.”
Of the 130 accounts that were targeted, 45 had Tweets sent from them, according to Twitter. Direct message inboxes were accessed in 36 of the accounts, and Twitter data was downloaded from seven of them, the company said.
Having suffered other embarrassing breaches in recent years, Twitter, the preferred social media platform for President Donald Trump, among other political and business leaders, must now reckon with the possibility that a teenager beat teams of engineers and layers of cybersecurity protections. Former Twitter security employees have said too many people have access to user accounts, including employees and outside contractors, and that the company management has often dragged its heels on upgrades to information security. Twitter disputed the former employees’ characterization of the company’s oversight of accounts.
The defendants were allegedly part of an underground subculture of hackers — known as “OGUsers” — who are dedicated to stealing, buying and selling online accounts with desirable usernames. In the OGUser world, a short username on Instagram or Twitter sells for tens of thousands of dollars in cryptocurrency. Winning ownership of usernames, like “@6” or “@dark,” yield their own form of virtual bragging rights.
The hackers in this community are particularly skilled in social engineering, which relies on the art of impersonation and deception rather than traditional hacking, according to cybersecurity experts. Those tools have been successfully leveraged against individuals to steal their social media usernames or credit card details, but not typically in such a brazen fashion.
In one instance, according to the federal complaint, a user named Kirk#5270 said in an online forum, “I work for Twitter. I can claim any @ for you.” Another user, Rolex#0373, who authorities said is an alias used by Fazeli, responded, “Prove it.” During their exchange, Kirk#5270 provided Rolex#0373 with access to the Twitter handle @Foreign for $500, according to authorities. Kirk#5270 isn’t identified in the complaint, though federal authorities said he played a central role in the Twitter hack.
“Chaewon,” an alleged alias of Sheppard’s, posted an OGUser thread entitled, “Pulling email for any Twitter/Taking Requests.” In it, Chaewon “advertised that he could change email addresses tied to any Twitter account for $250 and provide direct access to accounts for between $2,500 and $3,000,” according to a federal government filing.
Clark has allegedly been active in hacking since before he was a teenager, according to Logan Derouanna, 19, who lives in Florida and said he is no longer part of the OGUser scene.
Derouanna said Clark stole his Instagram account in 2014. “I had my Instagram account hacked when I was 13, and he was literally only 11,” Derouanna said, adding that his account had more than 500,000 followers at the time. “All I did was click a link he sent me.”
Two other hackers independently confirmed Clark has been active since at least 2014.
State authorities have charged Clark as an adult under Florida law, rather than federal, because “Florida law allows us greater flexibility to charge a minor as an adult in a financial fraud case,” said Hillsborough District Attorney Andrew Warren. “He gained access to Twitter accounts and to the internal controls of Twitter through compromising a Twitter employee.”
U.S. Attorney David Anderson, of the Northern District of California, said there is a “a false belief” among hackers that they can pull off attacks like the Twitter hack “anonymously and without consequence.”
The charging announcement “demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived,” he said.
(Adds background on Clark)
Japan’s Dormant BTC Trading Accounts Wake up as Bitcoin Price Rallies
Japan’s “dormant” crypto accounts are starting to see activity as Bitcoin breached a critical price resistance level this week. According to the Japanese crypto exchange Coincheck, their trading volume this week has risen by two to three times in comparison to the previous one.
Speaking to a selected number of the Japanese outlets, Yusuke Otsuka, the co-founder of Coincheck explained that existing users who hadn’t traded for a while became active again this week: “Some of our users already have accounts so the initial velocity is high.”
If users already have accounts, they don’t have to take time to go through Know Your Customer check to open new accounts and can resume buying cryptocurrencies immediately. In contrast, those new to the trading platform had to wait for their account to become approved, so there was a time lag before they could start trading. “This time is different”, Otsuka emphasized.
According to Coincheck, the volume of the direct sale this week was twice as big as seen during the previous one, while the demand for the exchange service increased threefold. Otsuka also believes this is correlated with the Japanese Coivd-19 stimulus payments. In April, the Japanese government began distributing 100,000 yen payments — about $930 — to every household.
Moreover, Oki Matsumoto, CEO of Monex Group, a parent company of Coincheck points out the possibility that those who missed buying gold are now interested in Bitcoin. The gold price has surged recently, breaking previous highs while Bitcoin just started breaking the resistance at the beginning of this week.
Matsumoto also commented on the recent development of central bank digital currencies:
“I think David Marcus made a mistake. He should have said it was Facebook Token. Because they said it was ‘the future currency,’ the U.S. government criticized it heavily”.
Matsumoto added that “the role of Libra might be just to open Pandora’s Box and that was it”. Meanwhile, the United States is behind the competition precisely because “they crushed Libra by themselves and could no longer say they would start developing CBDC”, Matsumoto analyzed.
Some industry insiders are worried about American reluctance to move forward with CBDC. Takaya Nakamura, an executive from Japanese crypto exchange Fisco recently claimed that Japan’s role should be to urge the United States to take CBDCs more seriously.
Title Token for Blockchain Estate Registry, Part 2
Home / Uncategorized / Title Token for Blockchain Estate Registry, Part 2
Focusing on title tokens, a theory of smart laws, digital authorities and how to protect the system from digital dictatorship.
Tags Blockchain Estate Part Registry Title Token
Previous Crypto Tidbits: Bitcoin Explodes Past $11k, Ethereum 2.0 Nears, Cardano’s Shelley Launches
Next Coinbase Takes DeFi Focus as it Looks to List 19 New Crypto Assets
1 hour ago
10 hours ago
12 hours ago
Despite the significant growth of decentralized crypto exchanges, their centralized counterparts still control the majority …
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
WOLLO (WLO) Trading Down 9.2% This Week
WOLLO (CURRENCY:WLO) traded up 0.4% against the US dollar during the 1 day period ending at 10:00 AM Eastern on August 1st. One WOLLO token can currently be bought for approximately $0.0029 or 0.00000025 BTC on exchanges including Stellar Decentralized Exchange, Stellarport and Bitfinex. WOLLO has a market capitalization of $125,344.68 and approximately $62.00 worth of WOLLO was traded on exchanges in the last day. During the last seven days, WOLLO has traded down 9.2% against the US dollar.
Here’s how other cryptocurrencies have performed during the last day:
WOLLO Token Trading
WOLLO can be bought or sold on the following cryptocurrency exchanges: Stellar Decentralized Exchange, Bitfinex and Stellarport. It is usually not currently possible to purchase alternative cryptocurrencies such as WOLLO directly using U.S. dollars. Investors seeking to acquire WOLLO should first purchase Ethereum or Bitcoin using an exchange that deals in U.S. dollars such as Gemini, Coinbase or Changelly. Investors can then use their newly-acquired Ethereum or Bitcoin to purchase WOLLO using one of the aforementioned exchanges.
Receive News & Updates for WOLLO Daily – Enter your email address below to receive a concise daily summary of the latest news and updates for WOLLO and related cryptocurrencies with MarketBeat.com’s FREE CryptoBeat newsletter.
Author: Daniel Rudford