In Brief

  • Federal law enforcement officers arrested Graham Clark, 17 of Tampa, Florida, for allegedly masterminding the recent Twitter hack.
  • They allege he filched $120,000 worth of Bitcoin during the first hours of the scam.
  • It’s unclear if Clark, who is facing 30 felony charges, and the two others, acted alone, police said.
  • The investigation is ongoing.

An early morning raid staged by a joint task force of federal law enforcement officers nabbed a Tampa, Florida teenager who they claim pulled off the biggest hack in Twitter’s history. Two other teens—one from Naples, Florida, and the other from Bognor Regis, a seaside resort on the southern coast of England—were subsequently arrested.

Investigators said that KYC records obtained from Binance and Coindesk, which showed stolen Bitcoin moving into customer accounts, led them to the suspects.

Florida Law Enforcement officials working with the FBI, IRS, and Secret Service arrested Graham Clark, 17, for his alleged involvement in the Twitter hack that hijacked blue checkmark accounts of the likes of former president Barack Obama, presidential hopeful Joe Biden, business mogul Elon Musk, Kanye West and others.

Once the accounts were compromised, the hacker proceeded to tweet from these accounts to advertise fake giveaways asking for small sums of Bitcoin in return for larger sums. In total, the hacker made away with roughly $120,000 worth of bitcoin.

Clark faces 30 felony charges, including organized fraud, multiple counts of communications fraud, multiple counts of fraudulent use of personal information and unauthorized computer access. Hillsborough County State Attorney Andrew Warren said in a press statement that officials “can’t comment on whether he worked alone” at this time. The two other teens were subsequently nabbed.

The attorney also claimed that Clark is “not an ordinary 17-year old,” and will be tried as an adult. Officials are also looking into damages that supersede the $120,00 that Clark allegedly stole. It’s possible, for example, that Clark accessed and downloaded the direct messages of the accounts he compromised, though Twitter claims that no verified accounts had their direct messages compromised. Seven other, non blue check mark accounts did have personal information downloaded, the company has said.

Twitter clarified that the hacker gained access to admin tools after a socially engineered phishing attack. This involved calling Twitter employees and impersonating other company employees to manipulate the victims to divulge information like login credentials.

Clark is currently being held in a Tampa jail and could have his first court appearance as early as tomorrow, Warren said.