Florida teen accused of being 'mastermind' behind celebrity Twitter hack

Anthony Ha

Hillsborough State Attorney Andrew Warren announced today that he has filed 30 felony charges against a 17-year-old resident of Tampa, Florida, who was described by Warren's office as "the mastermind of the recent hack of Twitter ."

The hack in question occurred earlier this month and involved high-profile Twitter users like Apple, Elon Musk, Joe Biden and Barack Obama, whose accounts all posted messages promoting a Bitcoin wallet and claiming, "All Bitcoin sent to the address below will be sent back doubled!"

The teen (we're not identifying them because they're a minor) allegedly made more than $100,000 through this cryptocurrency scam.

The state attorney's office said that the teen was arrested earlier today after an investigation by the Federal Bureau of Investigation and the U.S. Department of Justice, and that they will be tried as an adult. They face charges including one count of organized fraud (over $50,000) and 17 counts of communications fraud (over $300).

"These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here," Warren said in a statement. "This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that."

As we reported at the time, the hack used Twitter's own internal administrative tool to gain access to high-profile accounts. In a tweet, the company said, "We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses. For our part, we are focused on being transparent and providing updates regularly."

Earlier today, Twitter updated its blog post outlining what it knows about the attack:

The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.

To prevent a similar attack from succeeding in the future, Twitter said it will be "accelerating several of our pre-existing security workstreams and improvements to our tools" and also improving the methods it uses to detect and stop inappropriate access to its internal systems.

Update: In an announcement of its own, the Justice Department three people were actually charged for their alleged roles in the hack — not just the teen in Tampa, but also 19-year-old Mason Sheppard, a.k.a. “Chaewon,” of the United Kingdom (accused of conspiracy to commit wire fraud, conspiracy to commit money laundering and the intentional access of a protected computer) and 22-year-old Nima Fazeli, a.k.a. "Rolex," of Orlando, Florida (accused of aiding and abetting the intentional access of a protected computer), who are both facing charges in the Northern District of California.

"There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” said U.S. Attorney David L. Anderson in a statement. “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived.  Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it.  In particular, I want to say to would-be offenders, break the law, and we will find you.”


More From

  • How China's ACRCloud detects copyrighted music in short videos

    Music is front and center in the rise of TikTok and other short-video apps. It's not just the video platforms that are harvesting the fruit of their surging popularity. Music rights holders are also prepared to extract money from the millions of songs found in snappy user-generated videos.

  • ByteDance in talks with India's Reliance for investment in TikTok

    Chinese giant ByteDance is engaging with India’s Reliance Industries Limited, the parent firm of telecom giant Jio Platforms, for financially backing TikTok in a move to potentially save the popular video app's fate in its biggest market by users, two people familiar with the matter told TechCrunch. TikTok's business in India, where it had amassed over 200 million users before it was banned in late June, is being valued at more than $3 billion, one of the sources said. Reliance said it does not comment on speculation and rumor.

  • Daily Crunch: Uber CEO says CA shutdown may be necessary

    Uber's CEO pushes back against a potential reclassification of drivers, a former COO sues Pinterest and Microsoft reveals details about the Surface Duo. Uber CEO Dara Khosrowshahi appeared on MSNBC today and claimed that if a recent California court ruling reclassifying drivers as full-time employees is not overturned, the company might have to suspend services in that state for several months. Former COO sues Pinterest, accusing it of gender discrimination, retaliation and wrongful termination — Françoise Brougher, who says she was abruptly fired from the company in April, is suing the company to hold it “accountable for discrimination, retaliation, and wrongful termination in violation of the Fair Employment and Housing Act (FEHA), and the Labor Code.”

  • Digitizing Burning Man

    For decades, Burning Man has represented an escape from the current reality. Now, under the shadow of a historic pandemic, the organization behind the massive, iconic event is desperately working to stick to its roots while avoiding financial ruin as it pivots the 2020 festival to a digital format with the pro bono help of some of its tech industry attendees. With just a few weeks before the event is set to kick off, the organization is bringing together a group of technologists with backgrounds in virtual reality, blockchain, hypnotism and immersive theatre to create a web of hacked-together social products that they hope will capture the atmosphere of Burning Man.