Three individuals have been charged with carrying out a debilitating security breach on Twitter 2 weeks ago that saw high-profile verified accounts hijacked for the purposes of a Bitcoin scam. In perpetrating the scheme, the team allegedly gained privileged tools by connecting with an employee who was selling access to them.
The people involved were:
- Mason Sheppard, a 19-year-old from the U.K.;
- Nima Fazeli, a 22-year-old from Orlando, and;
- a 17-year-old from Tampa identified as Graham Clark.
The investigation and arrests were a joint effort between the U.S. Attorney General's office, FBI, IRS, and the Secret Service.
Case handlers allege in complaint filings that Clark had been hawking the ability to change any piece of information about a Twitter account in exchange for Bitcoin. Sheppard and Fazeli engaged.
On Discord, Fazeli asked Clark for access to the Twitter handle @foreign. In return, Clark wanted $500.
Kirk#5270 (Clark): 500 for foreign
lowest ill go
I'll update them eail (sic)
that you gave me[...]
Give me your email
Rolex#0373 (Fazeli): [email protected]
Clark: Reset through forgot
Fazeli: I'm in
Clark was also bragging to Sheppard at the same time about his access, saying that he works for Twitter and that he can "claim any name."
The three decided to collaborate and began running a racket on OGUsers, a black market forum for screen names, and potentially other similar sites to claim any Twitter handle via an email reset for anyone who would pay them $250 in Bitcoin. Direct access could cost as much as $3,000 a pop.
It would seem that the Sheppard, Fazeli, and Clark would bump their revenues by deploying tweets of their own on handles they've been asked to compromise — @elonmusk, @kanyewest, @Apple, and over 100 more prized names — offering to double any Bitcoin deposit. 415 Twitter users obliged and the team shared a steal of more than $117,000.
Sheppard and Fazeli will face a federal judge in San Francisco. Sheppard is booked on three counts for hacking, wire fraud conspiracy, and money laundering conspiracy. Fazeli has a hacking charge. As Clark is a juvenile, he will be tried in his home jurisdiction of Hillsborough County. He is charged with a total of 30 counts. You can read the complaint filings against Sheppard and Fazeli at the links below.
- Department of Justice,
- Northern District of California (PR),
- Hillsborough State Attorney
- WFLA-TV (KRON-TV)