Twitter hack: Bognor Regis man one of three charged
A man living in Bognor Regis – on the UK south coast – is one of three individuals charged over a major Twitter hack, according to the US Department of Justice.
Californian authorities filed felony charges against Mason Sheppard, 19.
The UK’s National Crime Agency (NCA) confirmed it had searched a property in Bognor Regis with police on Friday.
A teenager in Tampa and Nima Fazeli, 22, of Orlando, were also charged in Florida.
US Attorney David L Anderson said the arrests proved “nefarious hacking… for fun or profit” did not pay off.
Twitter accounts of multiple high-profile US figures were hijacked in an apparent Bitcoin scam on 15 July.
They included former President Barack Obama, Amazon boss Jeff Bezos, entrepreneur Elon Musk, Microsoft founder Bill Gates, Democratic presidential hopeful Joe Biden and reality star Kim Kardashian West, who all falsely tweeted out requests for Bitcoin donations.
In his statement, US Attorney Anderson said: “There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence.”
He added: “Criminal conduct over the Internet may feel stealthy to the people who perpetrate it, but there is nothing stealthy about it. In particular, I want to say to would-be offenders, break the law, and we will find you.”
In Florida, Hillsborough State Attorney Andrew Warren filed 30 felony charges against the teenager, 17, who cannot be named, for “scamming people across America”.
The charges include organised fraud and fraudulent use of personal information.
“As a crypto-currency, Bitcoin is difficult to track and recover if stolen in a scam,” Mr Warren said.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here. This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida.
“This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”
The charges against the teenager include 17 counts of communication fraud, 10 counts of fraudulent use of personal information, one count of fraudulent use of personal information with over $100,000 (£76,340) or 30 or more victims, one count of organised fraud and one count of access to computers or electronic devices without authority.
“He’s a 17 year-old kid who apparently just graduated high school,” said State Attorney Warren. “But no make no mistake, this was not an ordinary 17-year-old. This was a highly sophisticated attack on a magnitude not seen before.”
He added that the investigation to “discover the perpetrator” was a collaboration between the Florida Department of Law enforcement, the US Attorney’s Office for the Northern District of California, the FBI, the IRS, and the Secret Service.
The teenager lives in Tampa, Florida and so will be prosecuted by Hillsborough State authorities.
Twitter said in a statement: “We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.
“For our part, we are focused on being transparent and providing updates regularly.”
After the hack, Twitter said the hackers had targeted its employees “with access to internal systems and tools”.
It added that “significant steps” had been taken to limit access to such internal systems and tools while the company’s investigation continued.
According to BBC cyber-security reporter Joe Tidy, the consensus in the information security community is that Twitter’s employees were likely duped by a spear-phishing attack via a phone call.
This involves using friendly persuasion and trickery to get victims to hand over crucial information that enables hackers to infiltrate a company’s systems.