Level 14
Hackers targeted profiles of prominent peoples like Barak Obama, Jeff Bezos, Warren Buffet, Elon Musk, and companies like Apple, Uber, and Binance. Other than these top profiles, hackers tweeted similar tweets from thousands of Twitter profiles.


Level 21


Level 6
Last week, the US Department of Justice (DOJ) charged three men for their alleged roles in one of the largest Twitter breaches in history, which led to the hijacking of 130 high-profile accounts of politicians, celebrities and musicians.

According to a Florida affidavit, two Florida residents and one UK national were responsible for the hack, and are now charged with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer.

The trio, who remained a mystery until the recent announcement, allegedly managed to defraud over 400 individuals through a clever bitcoin scam by piggybacking compromised Twitter VIP accounts.

“I am giving back to my community due to Covid-19. All Bitcoin sent to my address below will be sent back double. If you send $1,000, I will send back $2,000,” read one of the fraudulent tweets.

“The Twitter attack consisted of a combination of technical breaches and social engineering,” the reports said. “The hackers are alleged to have created a scam bitcoin account, to have hacked into Twitter VIP accounts, to have sent solicitations from the Twitter VIP accounts with a false promise to double any bitcoin deposits made to the scam account, and then to have stolen the bitcoin that victims deposited into the scam account. “

Posing as prominent social media figures, the bad actors gained over $100,000 in Bitcoin transactions from victims. Although the scheme was successful at first, the men made little attempt to conceal their identities, using their home IP addresses and driver’s license to verify Bitcoin wallets.

“Upon opening an investigation into this attack, our investigators worked quickly to determine who was responsible and to locate those individuals,” said San Francisco FBI Special Agent in Charge John F. Bennett. “While investigations into cyber breaches can sometimes take years, our investigators were able to bring these hackers into custody in a matter of weeks.”

The hackers allegedly compromised over 100 social media accounts and scammed both the account users and others who sent money based on their fraudulent solicitations,” said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division. “The rapid investigation of this conduct is a testament to the expertise of our investigators, our commitment to responding quickly to cyber attacks, and the close relationships we have built with law enforcement partners throughout the world.”


Level 10
How the FBI Identified Twitter Hackers

Bitcoin Transactions Led FBI to Twitter Hackers

Court documents made public last week by U.S. authorities following the announcement of charges against three individuals allegedly involved in the recent Twitter attack revealed how some of the hackers were identified by investigators.

News of the charges came shortly after Twitter revealed that the attackers gained access to its internal systems and tools, which they later used to take control of tens of high-profile accounts, by using phone spear-phishing. The hackers targeted 130 accounts, but reset the passwords for only 45 of them, many of which were used to post tweets that were part of a bitcoin scam.
The U.S. Department of Justice announced on Friday that it charged 22-year-old Nima Fazeli (aka Rolex, Rolex#0373, and Nim F) of Orlando, Florida, 19-year-old Mason John Sheppard (aka Chaewon and “ever so anxious#001”) of the United Kingdom, and 17-year-old Graham Ivan Clark (aka Kirk#5270), of Tampa, Florida.
Clark is believed to be the mastermind of the operation — he is the one who allegedly broke into Twitter’s systems. Fazeli and Sheppard are believed to have helped him sell access to Twitter accounts.
According to court documents, a user with the online moniker Kirk#5270 on the chat service Discord claimed to work for Twitter and offered to provide access to any user account. That is how he met Rolex and Chaewon, who helped him sell access to Twitter accounts, including on the hacking forum, which specializes in the trading of social media and other online accounts..."