The ‘mastermind’ of the Twitter breach that utilised prominent people’s accounts for a cryptocurrency con turned out to be a 17-year-old in Tampa, Florida, who was arrested last week!
Several accomplices, Nima Fazeli, 22, of Orlando & Mason Sheppard, 19, in the UK, known as Rolex & Chaewon, were also arrested in a scheme that took over Twitter accounts of former US Vice-President & presumptive Democratic Presidential Nominee Joe Biden, former President Barack Obama, Microsoft founder Bill Gates, Apple, Kanye West & others to promote a COVID-19-related cryptocurrency con.
Sheppard used his own driver’s license to prove his identity on Coinbase & Binance, & was charged with Conspiracy to Commit Wire Fraud, Conspiracy to Commit Money Laundering, & The Intentional Access of a Protected Computer, which could lead altogether to 20 years in jail & a $250,000 fine, says the US Justice Department.
Nima Fazeli faces a single charge of Aiding & Abetting the Intentional Access of a Protected Computer & could have to spend up to 5 years in prison & pay a $250,000 fine. Little was disclosed about the 17-year-old, whose identity is protected because he is a juvenile.
US Justice Department filings refer to a Kirk#5270, who claimed to be a Twitter employee who could provide access to “any” account on the social media platform. That claim may or may not be true, and it is not clear whether Kirk#5270 is the unidentified youngster arrested in Tampa.
In a later update, Twitter explained that a small, targeted group of employees had been socially engineered through a phone spear-phishing campaign into releasing credentials &, thus, access to the company’s networks & account management tools.
The arrests should remove from the criminal hacker community the idea that cyber-attacks can be carried out “anonymously & without consequence,” US Attorney David L. Anderson for the Northern District of California said in the Justice Department statement.
“Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it. In particular, I want to say to would-be offenders, break the law, & we will find you.”
Rick Holland, CISO & VP of Strategy at Digital Shadows, commented that the arrests should also illustrate “why we shouldn’t jump to conclusions” when it comes to attribution. “Given the current geopolitical tensions, it is far too easy to blame China, Russia, or Iran for intrusions. In this case, the advanced persistent threat is more like an advanced persistent teenager,” he observed.
“It is far more critical for defenders to understand how the adversaries gained their initial access and accomplished their objectives. Leave the attribution to law enforcement & intelligence agencies.”