US and UK teens arrested in connection with Twitter hack

(Image credit: Shutterstock)

Law enforcement in the US and UK have charged three people believed to be responsible for the massive Twitter hack that took over the accounts of politicians, celebrities and prominent figures in the tech industry in an attempt to scam people around the world out of bitcoin.

The three male suspects include a 19 year old from the UK, a 22 year old from Orlando and a teenager from Tampa, Florida. The 17 year old teenager was arrested last week in Tampa and he faces 30 felony charges for his part in the hack.

Despite being the youngest of the group, the teenager from Florida was actually the ring leader of the hacking scam and he is being prosecuted as an adult since Florida law allows minors to be charged as adults in financial fraud cases. Security experts weren't surprised by this though, as the amateur nature of the operation as well as its members' willingness to discuss the hack with reporters online ran contrary to the way in which cybercriminals typically operate.

In the US, investigators from the Internal Revenue Service (IRS) were able to identify two of the hackers just by analyzing their bitcoin transactions including the ones they tried to keep anonymous.

Twitter hack aftermath

Last month the group of young hackers took control of the accounts of major public figures and businesses including Joe Bide, Barack Obama, Elon Musk, Jeff Bezos, Apple and others. They then used the popularity of these accounts and their tens of millions of followers to send out a series of tweets in which they told users that they would receive double their money if they sent bitcoin to a specific address online.

The hack lasted several hours and to prevent any more compromised accounts from tweeting out the message, Twitter suspended all verified accounts with a blue check mark from sending out any tweets at all.

The social media giant recently said that the hack was the result of a spear-phishing attack. Unlike a traditional phishing attack where scammers send out a fraudulent message to try and harvest as many user credentials as possible, in a spear-phishing attack hackers adopt the identity of a person known to their target to increase the likelihood of success.

While the recent Twitter hack was the first of its kind, the attackers behind it only ended up making around $120,000 in bitcoin from their victims. Hopefully though, others don't try to follow in their footsteps now that those behind the hack have been taken into custody by law enforcement.

Via The Guardian

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.