Monday, Aug 10, 2020 | Last Update : 02:30 PM IST

139th Day Of Lockdown

Maharashtra51533235171017757 Tamil Nadu2969012386384927 Andhra Pradesh2278601387122036 Karnataka178087939083198 Delhi1454271305874111 Uttar Pradesh122609726502069 West Bengal95554671202059 Bihar7972051315429 Telangana7949555999627 Gujarat71064542382652 Assam5883842326145 Rajasthan5249738235789 Odisha4592731785321 Haryana4163534781483 Madhya Pradesh3902529020996 Kerala3433121832109 Jammu and Kashmir2489717003472 Punjab2390315319586 Jharkhand185168998177 Chhatisgarh12148880996 Uttarakhand96326134125 Goa871259575 Tripura6161417641 Puducherry5382320187 Manipur3752204411 Himachal Pradesh3371218114 Nagaland27819048 Arunachal Pradesh215514823 Chandigarh151590425 Meghalaya10624906 Sikkim8664971 Mizoram6082980
  Technology   In Other news  01 Aug 2020  Twitter hackers who carried out Bitcoin scam arrested, one a teen, and two youth

Twitter hackers who carried out Bitcoin scam arrested, one a teen, and two youth

AP
Published : Aug 1, 2020, 2:57 am IST
Updated : Aug 1, 2020, 2:57 am IST

They scammed people of more than USD 100,000 dollars worth bitcoin by hacking Twitter accounts of celebrities and posting a fake giveaway.

In one of the most high-profile security breaches in recent years, hackers sent out bogus tweets on July 15 from the accounts of Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked. The tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address. (Photo | Pixabay - Pete Linforth)
 In one of the most high-profile security breaches in recent years, hackers sent out bogus tweets on July 15 from the accounts of Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked. The tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address. (Photo | Pixabay - Pete Linforth)

Miami: A British man, a Florida man and a Florida teen hacked the Twitter accounts of prominent politicians, celebrities and technology moguls to scam people around the globe out of more than $100,000 in Bitcoin, authorities said Friday.

Graham Ivan Clark, 17, was arrested Friday in Tampa, where the Hillsborough State Attorney’s Office will prosecute him as adult. He faces 30 felony charges, according to a news release. Mason Sheppard, 19, of Bognor Regis, U.K., and Nima Fazeli, 22, of Orlando, were charged in California federal court.

 

In one of the most high-profile security breaches in recent years, hackers sent out bogus tweets on July 15 from the accounts of Barack Obama, Joe Biden, Mike Bloomberg and a number of tech billionaires including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. Celebrities Kanye West and his wife, Kim Kardashian West, were also hacked.

The tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

“There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” US Attorney David L. Anderson for the Northern District of California said in a news release. “Today’s charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived.”

 

Although the case against the teen was also investigated by the FBI and the US Department of Justice, Hillsborough State Attorney Andrew Warren explained that his office is prosecuting Clark in Florida state court because Florida law allows minors to be charged as adults in financial fraud cases such as this when appropriate.

“This defendant lives here in Tampa, he committed the crime here, and he’ll be prosecuted here,” Warren said.

Twitter previously said hackers used the phone to fool the social media company’s employees into giving them access. It said hackers targeted “a small number of employees through a phone spear-phishing attack.”

 

“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” the company tweeted.

After stealing employee credentials and getting into Twitter’s systems, the hackers were able to target other employees who had access to account support tools, the company said.

The hackers targeted 130 accounts. They managed to tweet from 45 accounts, access the direct message inboxes of 36, and download the Twitter data from seven. Dutch anti-Islam lawmaker Geert Wilders has said his inbox was among those accessed.

Spear-phishing is a more targeted version of phishing, an impersonation scam that uses email or other electronic communications to deceive recipients into handing over sensitive information.

 

Twitter said it would provide a more detailed report later “given the ongoing law enforcement investigation.”

The company has previously said the incident was a “coordinated social engineering attack” that targeted some of its employees with access to internal systems and tools. It didn’t provide any more information about how the attack was carried out, but the details released so far suggest the hackers started by using the old-fashioned method of talking their way past security.

British cybersecurity analyst Graham Cluley said his guess was that a targeted Twitter employee or contractor received a message by phone asking them to call a number.

 

“When the worker called the number they might have been taken to a convincing (but fake) helpdesk operator, who was then able to use social engineering techniques to trick the intended victim into handing over their credentials,” Clulely wrote Friday on his blog.

It’s also possible the hackers pretended to call from the company’s legitimate help line by spoofing the number, he said.

Tags: twitter hack, bitcoin scam, cybersecurity