If you rely on your children/teenagers for household tech support, then it probably will not surprise you to learn that the criminal mastermind behind the recent high-profile hack of Twitter V.I.P. accounts is a teenager. While most adults struggle with many aspects of today’s digital world, our children grow up completely immersed in it and by age 10 can pretty much get a smart phone to do anything up to toasting bread. Thus, it should come as no surprise to anyone that a 17-year-old managed to hack into the servers of Twitter and take over the accounts of such famous names as Barack Obama, Kayne West, Warren Buffett, Kim Kardashian, Elon Musk, and 125 or so other people whose names are instantly recognizable.
While the hack itself was somewhat sophisticated, the accompanying extortion effort was rather, well, let’s just say “juvenile.” I mean, would you fall for a Tweet from Joe Biden or some other famous name that stated: “I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes.”?
Yeah, not likely, but P.T. Barnum’s adage about “a sucker being born every minute” still holds true as the scam bitcoin account received over 400 transfers valued at more than $100,000 within three hours. After a quiet six months in the cybervillainy department, we should have known something like this was coming.
The mid-July attack—“one of the most brazen online attacks in memory,” according to the New York Times—caused havoc with Twitter, made international news, and captured the attention of the cybersecurity industry. North Korea was initially tapped by some pundits as a likely culprit, along with China, Russia, and Iran, but U.S. intelligence agencies quickly determined that the hack was likely the work of individual(s) rather than rogue state action.
And by July 31st the Feds announced the arrest of three individuals, one of whom—17-year-old Graham Clark of Tampa, Florida—has been identified as the ringleader and, as such, is facing 30 felony charges. His accomplices include a 22-year-old from Orlando, Florida and a 19-year-old from the U.K.
The U.S. Department of Justice news release, announcing the charges realted to the twitter hack, noted that “while investigations into cyber breaches can sometimes take years, our investigators were able to bring these hackers into custody in a matter of weeks.” The speed of the arrests may have been due in part to the fact that federal investigators were already familiar with Clark’s alleged cybercriminal activities. Earlier in the year, U.S. Secret Service agents confiscated 100 Bitcoins valued at about $1 million from Clark, alleged to have been hacked from the account of a Seattle tech investor. No word on why Clark was not arrested then, but perhaps it was due to his legal status as a minor (he is being charged as an adult in the Twitter breach).
Whatever the case, teenagers will be teenagers, and judicial officials in the Hillsborough County, Florida criminal court should have been leery of potential mischief-making during the online bond hearing held for Clark on Aug. 5. In fact, judicial officials likely would have been well served by hiring some youthful tech experts to help them run the Zoom bond hearing. The hapless adults running the hearing failed to take “Zoom Bomb” precautions and the hearing was by interrupted by anonymous troublemakers, loud music, and the streaming of graphic Pornhub video. The presiding judge was forced to quickly terminate the hearing, and he reportedly maintained the original bond amount. No word yet on whether the court will conduct future hearings relating to the case via Zoom.