Skip to content
Naked Security Naked Security

Porn blast disrupts bail hearing of alleged Twitter hacker

An alleged hacker's bail hearing held online via Zoom with screen sharing enabled... what could possibly go wrong?

One of the alleged Twitter hackers faced a bail hearing in a Florida court yesterday.
ICYMI, the Twitter hack we’re referring to involved the takeover of 45 prominent Twitter accounts, including those of Joe Biden, Elon Musk, Apple Computer, Barack Obama, Kim Kardashian and a laundry list of others with huge numbers of followers.
The hacked accounts were then used to send out bogus Bitcoin investment messages along the lines of “pay in X bitcoins, get 2X back!”, although as an investigator in the criminal case wryly pointed out in his affidavit, “No bitcoin was ever returned, much less doubled.”
Amongst other things, the alleged crooks are said to have ended up with more than $100,000 of bitcoins sent in by trusting Twitter users who’d been duped by the upbeat messages that apparently came from celebrities.
As you can imagine, given current coronavirus concerns, even though the hearing took place before the court, not all the participants were actually in the courtroom.
Instead, the courtroom was hooked up to a Zoom meeting that was, it seems, not adequately secured against – how shall we put this? – external interference…
…with sadly predictable results.
Zoombombers, as they’ve become known, are miscreants who join in Zoom calls not to partcipate but to disrupt, something that’s all too easy if the call is set up with the same sort of implicit behavioural trust that everyone expects in face-to-face meetings.
The word zoombombing infamously entered our vocabularies back in March this year when Verge journalist Casey Newton hosted a time-to-share-the-love-during-coronavirus-lockdown meeting entitled “WFH Happy Hour”.
Newton even invited his parents along as guests of honour, something he soon had cause to regret.
With few or no security options turned on for the meeting, it turned into an eye-watering experience as one or more killjoys hijacked the Zoom session by sharing their own screens and bombarbing the other participants with heavy-duty pornography.
When kicked out, the Zoombombers apparently just rejoined the meeting repeatedly until the hapless hosts had no choice but to shut it down entirely.


Well, it happened again during the court hearing in Florida, when numerous online interruptions blasted the courtroom with music, profanities, rants against the judiciary and, apparently but not surprisingly, porn.
Once again, the interruptions were troublesome enough that the hearing was ended after 25 minutes, with the judge heard to say that future hearings will be “password protected”.
Apparently the hearing did reach some conclusions: the accused Twitter hacker, who is only 17 years old, had his request to reduce his bail amount refused.
Prosecutors, however, didn’t convince the judge to require the accused to account for the source of any money he puts up to secure his release from custody.
He’ll have to pay $725,000 if he wants to make bail, but if he does come up with the money, he won’t have to prove that it was legally acquired.
Reports suggest that the accused was linked to a large-scale Bitcoin theft earlier this year, but wasn’t prosecuted after handing over BTC 100 (around $1,000,000) to investigators.
A New York Times story published over the weekend suggests that those 100 bictoins were part of a larger haul of BTC 164 taken from a Seattle technology investor, who was the victim of a SIM swap, apparently leaving BTC 64 unaccounted for – just over $700,000 at today’s Bitcoin prices.

What to do?

Zoom calls are a great way to hold your usual business meetings while working from home, as well as to conduct webinars and give presentations while conventional conferences and seminars are banned in most countries.
But openness in a meeting room inside your company HQ, where there are probably security guards to keep the peace if needed, or public court hearings controlled in a similar way, are very different beasts from online meetings.
We’ve already published a handy guide entitled 5 things you can do today to make Zooming safer, and we urge you to read it if you haven’t already.
A few simple precautions will make it easier to stop disruptors crashing your meetings in the the first place, and quicker to boot out anyone who does get into the meeting but breaks your rules of conduct.


10 Comments

“miscreants” “crooks” you dare call them those names.
More like geniuses.
Sigh, that SJW is clouding your brain.

This US legal document on the Twitter hackers case makes for interesting reading, including the methods used to identify them: https://www.justice.gov/usao-ndca/press-release/file/1300126/download

There are two affidavits (though they share a fair bit of material). You can find links to both of them and a discussion of the findings in our original article about this case:
https://nakedsecurity.sophos.com/2020/07/16/twitter-limits-tweeting-as-prominent-accounts-spam-out-cryptocoin-scams/
Note that these affidavits don’t cover the case against the youngster referred to here but the other two accused.

This just in from the Department of Redundancy Department:
“… taken from a Seattle technology investor from Seattle …”

Fixed, thanks. I also fixed the mis-spelling “Departmernt” in your comment, though as you can see I could not resist rather needlessly pointing that out :-)

So the court showed porn to a 17yo? Do they get into trouble for this? Can he file for mental damage compensation?

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?