TAMPA, Fla. (CN) — Law enforcement officials arrested a Florida teenager on Friday in connection with the hacking of prominent Twitter accounts, including those belonging to former President Barack Obama, Democratic presidential hopeful Joe Biden and Microsoft founder Bill Gates.
Graham Ivan Clark, 17, faces 30 felony charges for allegedly being the mastermind behind the Twitter hacks that took control of celebrities’ accounts and tweeted messages instructing followers to send Bitcoin to the perpetrators’ cryptocurrency account.
Hours after Clark’s arrest, federal authorities arrested two others in connection with the hack: Mason Sheppard, a 19-year-old United Kingdom resident, and Nima Fazeli, a 22-year-old who lives in Orlando.
According to prosecutors, the hackers breached 130 Twitter accounts and sent messages promising to double any Bitcoin deposits made to a scam account. In just a single day, the hackers took in more than $117,000 in Bitcoin. They also allegedly offered to sell the Twitter accounts in online forums.
The operation targeted the accounts of politicians, executives and musicians, including Amazon CEO Jeff Bezos, Tesla CEO Elon Musk, investor Warren Buffet, former New York City Mayor Michael Bloomberg and rapper Kanye West. But they also targeted less prominent people.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here,” Hillsborough County State Attorney Andrew Warren said in a statement. “This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”
Investigators decided to charge Clark in Florida, in part because of his residency, but also because state law allows minors to be charged as adults in financial fraud cases.
“This defendant lives here in Tampa, he committed the crime here, and he’ll be prosecuted here,” Warren said.
Clark faces charges of communication fraud, organized fraud, fraudulent use of personal information and other counts. Sheppard and Fazeli also face similar charges.
In the days after the July 15 hack, Twitter revealed the perpetrators used “social engineering” to trick Twitter employees into giving out their credentials. The hackers also downloaded some users’ data, including private direct messages, contacts and physical location history.
The FBI and Department of Justice immediately began a probe into the fraud, eventually including the U.S. Attorney’s Office for the Northern District of California, IRS and Secret Service in the investigation. Later, United Kingdom law enforcement became involved.
“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” Northern California U.S. Attorney David L. Anderson said Friday. “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived.”
On Friday, Twitter congratulated authorities for the arrests.
“We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses,” the company tweeted. “For our part, we are focused on being transparent and providing updates regularly.”