The US Department of Justice just issued a press release entitled simply, “Three Individuals Charged for Alleged Roles in Twitter Hack.”
In some ways, the Twitter hack referred to, which happened just two weeks ago on 2020-07-15, was tiny.
In a world in which data breaches involving millions, hundreds of millions and even billions of accounts aren’t unusual, the fact that Twitter lost control of just 45 accounts seems, at first glance, almost inconsequential. (Estimates suggest that Twitter has about one third of a billion active users.)
But there are two reasons why that’s not the case.
Firstly, every user has the right to have their personal data protected and their accounts shielded from takeover by hackers through no fault of their own, so even one hacked account is a cause for concern.
Secondly, these weren’t just your account or my account – according to the affidavit filed by IRS Criminal Investigator Tigran Gambaryan against one of the three accused:
[M]ultiple high-profile verified accounts were compromised, including accounts belonging to Bill Gates, Elon Musk, Kanye West, Joe Biden, Barack Obama, Jeff Bezos, Mike Bloomberg, Warren Buffett, Benjamin Netanyahu, and Kim Kardashian.
As you can imagine, tweets sent out from these accounts – even if the deception were spotted quickly and the accounts locked down anyway, which is ultimately what happened – would reach a vast number of people, and would carry an awful lot of influence.
According to the indictments, those involved in the hack used these high-reach accounts to promote a Bitcoin scam that urged victims to get involved in a “two-for-one” scheme: pay in some bitcoins to Gates, Musk, West et al., and they’d pay you back double.
A number of cryptocurrency exchanges also allegedly had their accounts hacked to encourage similarly fraudulent “investments” via a website called cryptoforhealth.com.
As Investigator Gambaryan wryly notes in his affidavit:
No bitcoin was ever returned, much less doubled.
The indictments also allege numerous other interactions between two of the suspects – the investigators argue that this shows them working together to take over other Twitter accounts (ones with cool-sounding or short names, known as OGUs, short for “original gangster users”).
The investigators present evidence to support their allegations, including Bitcoin transactions purporting to show payment for hacked accounts, and instant messaging chats discussing and setting prices for desirable OG usernames.
The suspects
As we mentioned above, three individuals have been charged, but we’ve only listed two affidavits against two of the suspects – the third, apparently, is under 18 and hasn’t been officially identified yet.
Interestingly, one of those charged is from the UK, not the US, and is currently in the UK as far as we can tell – we presume that the US will seek to extradite him to face charges in America.
Well done to US law enforcement for investigating quickly and presenting their allegations in interesting and informative detail. (The affidavits linked to above are well worth reading if you are interested in how this sort of crime is followed up.)
Of course – as the Department of Justice points out in its press release – these are only allegations so far, and the suspects enjoy the presumption of innocence.
We’ll be watching with interest and will keep you informed here of any developments.
Ian
I thought there might be something of more substance to this story. I guess not, unless the content of those DMs comes out. It appears you were right, Paul, and it was just OGIdiots going after handles and trying to make a few bitcoins. That’s really pathetic if all these details are accurate and Twitter was owned by a 17-year-old. Makes you wonder how many nation states have access to Trump’s Twitter if it requires this little skill to compromise accounts.
Paul Ducklin
Some DMs are quoted in the affidavits, but I imagine there is a bunch more evidence that has not been disclosed yet, as well as a lot that might never be found…
PAK
Thanks, I follow and admire your work always. Blessings ~