US authorities accuse a Florida teenager of hacking Twitter in mid-July. Initially, he is said to have sold access to third-party Twitter accounts, but quickly started to sell fraudulent tweets on behalf of celebrities. Suddenly, dozens of Twitter accounts, such as those transferred by Elon Musk, Barack Obama or Apple, promised to send back twice. After three hours and 415 deposits, the damage was $ 118,000. Now three people are coming to trial.
In addition to the teenager, who the US authorities suspect and arrested as the main perpetrators, 19-year-old Briton Mason John S. and 22-year-old Nima F., also from Florida, are indicted. A juvenile from California, who is currently listed as a witness, and other strangers could still be charged. The presumption of innocence applies to everyone.
Twitter was hacked on July 15, 2020. The perpetrators use access to internal Twitter systems to change passwords, especially for Bitcoin exchanges and celebrity accounts. Fraudulent tweets were then sent out, which encouraged users to transfer Bitcoins. The money was gone.
S., F., and the incriminating witness are said to have helped the main suspect sell third-party Twitter accounts with popular names. Alone S. is said to have taken Bitcoin worth a good $ 40,000 on July 15, of which he is said to have forwarded Bitcoin to the main suspect for about $ 33,000. This emerges from the charges that were brought against S. and F. at the Federal District Court for Northern California on Friday.
Account shifting is not enough
The teenager from Florida, however, did not stop at selling foreign Twitter accounts, according to the indictment. The same day, he is said to have started the fraud campaign known as “Crypto for Health”. According to Twitter, unauthorized tweets were issued with 45 third-party Twitter accounts. Direct messages were read from 36 accounts and a complete download was carried out from seven.
The break-in in the Twitter administration systems is likely to have been achieved through spear phishing attacks on Twitter employees. But Twitter itself is also criticized: the company is loud Reuters granted those far-reaching rights to more than a thousand employeeswhich were then abused. With this, Twitter has created a large target and has taken high risks.
Previous hack helps investigators
That the suspects were researched so quickly is probably due to a previous hack on the website ogusers.com. Access to third-party Twitter accounts was offered there on July 15. The relevant ogusers accounts have been active for a long time.
As luck would have it, someone had the website at the end of March
ogusers.com chopped. On April 2, this perpetrator published the copied database. In this data, US authorities found the email and IP addresses assigned to the ogusers accounts, which led to S. and F. Both had registered on Bitcoin exchanges on presentation of their driver’s license. They are said to have communicated with the main suspect via Discord, where the authorities have also found incriminating material.
How the main suspect was researched is not yet known. Although he is not yet of legal age, the Florida state attorney’s office wants to bring him to trial under adult criminal law. Therefore, in contrast to the federal authorities, she also published the teenager’s name and portrait. The indictment, which initially comprises 30 points, is not yet available.
Bitcoin already seized in April
According to New York Times investigators were targeting the prime suspect even before the Twitter hack. In April, the Secret Service is said to have confiscated more than $ 700,000 of Bitcoin from him.