Did a 16-Year-Old Have A Hand in Twitter Hack?

When authorities arrested Graham Ivan Clark, who they said was the “mastermind” of the recent Twitter hack that ensnared Kanye West, Bill Gates and others, one detail that stood out was his age: He was only 17.

Now authorities have homed in on another person who appears to have played an equal, if not more significant, role in the July 15 attack, according to four people involved in the investigation who declined to be identified because the inquiry was ongoing. They said the person was at least partly responsible for planning the breach and carrying out some of its most sensitive and complicated elements.

His age? Just 16, public records show.

On Tuesday, federal agents served the teenager with a search warrant and scoured the Massachusetts home where he lives with his parents, said one of the people involved in the operation. A spokesman for the F.B.I. confirmed a search warrant had been executed at the address.

The search warrant and other documents in the case are under seal, and federal agents may decide not to charge the youth with a crime. If he is ultimately arrested, the case is likely to be handed over to Massachusetts authorities, who have more leverage than federal prosecutors in charging minors as adults. (The New York Times is not naming the teenager at this point because of his age and because he has not been charged.)

Rarely have federal agents gone after someone so young in a hacking case, especially given the apparent sophistication of the attack. During the hack, much of Twitter — including President Trump’s unfiltered communications on the service — was largely immobilized. The attackers gained control of the social network’s systems and compromised the accounts of Barack Obama, Joseph R. Biden Jr., Jeff Bezos and many other prominent people, exposing just how vulnerable Twitter could be.

Credit…Hillsborough County Sheriff’s Office, via Associated Press

Authorities have already charged three other people in the hack. They include Mr. Clark, who Florida prosecutors charged in late July as an adult with 30 felonies. He has pleaded not guilty and has not made the bail payment to get out of jail. The other two people are Mason John Sheppard, 19, of the United Kingdom, and Nima Fazeli, 22, of Orlando, Fla., who were charged by federal prosecutors.

Twitter declined to comment.

The Massachusetts teenager appeared to get involved in planning the Twitter attack with Mr. Clark in May, according to investigators. While Mr. Clark and some of his accomplices talked with one another on the messaging board Discord, the youth restricted himself to using encrypted messaging systems like Signal and Wire, several hackers who saw the messages said.

“He was smarter than the rest,” Joseph O’Connor, a hacker known as PlugWalkJoe, said of the teenager. Mr. O’Connor said he talked with some of the people involved in the hack on the day of the Twitter attack and was aware of the teenager’s role in the scheme.

The youth’s secure communications made it harder for investigators to identify him. But Mr. O’Connor and other people in the online conversation that day said that he made video calls to friends on the day of the hack and showed them that he was inside Twitter’s back-end systems, which some accomplices never got near.

Around age 13, the boy bought a series of websites with pornographic names and tried to resell them using his personal address and email, according to domain records.

Around the same time, online forum accounts tied to his email address and home internet protocol address showed up on the website OGusers.com, a site that was the home for the others involved in the Twitter attack, according to two online forensic firms. The site provides a place for hackers to buy and sell coveted “original gangster” user names on social media sites, such as single letter accounts like @a or @6.

The teenager rotated among several aliases tied to his various online accounts, according to intelligence analysis done by the firm Intel471. The messages from the accounts included profanities, anti-Semitic remarks and homophobic comments. At one point, the teenager complained about losing around $200,000 on a Bitcoin gambling site. He also offered to sell a user name for $3,000 in Bitcoin, according to messages from the forum that were later leaked.

“IF your broke and can’t afford or dont think thats a good price JUST DONT EVEN MESSAGE ME!” he wrote in late 2018.

He later linked up with Mr. Clark online and they began working together, people involved in the investigation said. Their early work, hackers said and investigators confirmed, was on so-called SIM swaps, a hacking method that is often used to steal social media accounts and cryptocurrency.

Late last year and early this year, hackers and investigators said, the teenager was part of a group that got inside the site GoDaddy, a company that sells and secures website names. The hackers were able to access and change customer records. GoDaddy confirmed the hack in a letter to customers.

In May, the Massachusetts teenager and Mr. Clark began tricking Twitter employees to give up their logins, leading to the July 15 hack. The boys, using the alias Kirk, began selling valuable Twitter user names to customers.

Sahred From Source link Technology

Be the first to comment

Leave a Reply

Your email address will not be published.