Teen, 17, Charged For Largest Social Media Breach In History
A teenager has been charged with allegedly 'masterminding' the largest social media breach in history and stealing more than $100,000 (£76,350).
Graham Ivan Clark, from Tampa, Florida, has been accused of hacking a series of celebrity Twitter accounts earlier this month, including former US President Barack Obama, Tesla boss Elon Musk and Kanye West.
The 17-year-old was arrested on Friday (31 July), following a federal investigation, and has been charged with 17 counts of communications fraud, 10 counts of fraudulent use of personal information, one count of fraudulent use of personal information (over $100,000 or 30 or more victims), one count of organized fraud, and one count of access computer or electronic device without authority.
In a statement, Hillsborough State Attorney Andrew Warren said: "The Federal Bureau of Investigation and the U.S. Department of Justice conducted a complex nationwide investigation, locating and apprehending the suspect in Hillsborough County.
"Scamming people out of their hard-earned money is always wrong. Whether you're taking advantage of someone in person or on the internet, trying to steal their cash or their cryptocurrency - it's fraud, it's illegal, and you won't get away with it.
"This 'Bit-Con' was designed to steal money from regular Americans all over the country, including right here in Florida.
"This massive fraud was orchestrated right here in our backyard, and we will not stand for that."
The FBI branded Clark a 'mastermind', however, it's not clear whether or not he acted alone, if indeed he is guilty.
On 15 July, a hacker used a number of celebrity accounts to share a status update promising to double any donations made to a specific account, which was named in the tweet.
Obama's tweet read: "I am giving back to my community due to Covid-19!
"All Bitcoin sent to my address below will be sent back doubled. If you send $1,000, I will send back $2,000!
More Like This
*Fake account number*
"Only doing this for the next 30 minutes. Enjoy!"
According to reports, it's believed the person responsible for the hack may have stolen more than $116,000 (£88,554) from people.
However, it later became clear it was, in fact, a hack, and some 378 transactions had been made using the accounts named in the message.
According to industry website Blockchain.com, which monitors transactions made in cryptocurrencies, at least 12.58 bitcoins, worth around $116,000, had been sent to the addresses mentioned in the tweets.
Following the breach, Twitter posted a series of tweets explaining the hack, confirming theories that the attack couldn't have taken place without access to the company's internal tools and employee privileges.
The first tweet in the thread reads: "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
"We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf."
Twitter acknowledged that numerous hackers seem to have been involved, not simply an individual. It also said that more than one employee's account was compromised.
Featured Image Credit: PA/Hillsborough County Sheriff's Office