• Three people were charged on Friday in connection to a massive Twitter bitcoin hack in July that compromised dozens of high profile accounts, including those of Kim Kardashian-West, Kanye West, and former President Barack Obama.
• Among those charged was 17-year-old Graham Ivan Clark who reportedly stole nearly $180,000 and is being described as the mastermind behind the attack.
• On Sunday, the Tampa Bay Times reported that Clark has over $3 million in bitcoin, and prosecutors believe that money was also obtained illegally. 
• This is not Clark’s first run in with authorities. Last year, they seized cash and $700,000 bitcoin in a criminal investigation, though he was never charged.

17-Year-Old “Mastermind” Arrested

In news that would otherwise appear to come straight from a best-selling young adult heist novel, a 17-year-old Florida teen has been charged as the “mastermind” behind Twitter’s largest hack ever. Reportedly, he’s also worth $3 million in bitcoin. 

That hack, which happened on July 15, successfully infiltrated dozens of high-profile accounts including: Kim Kardashian-West, Kanye, Elon Musk, Jeff Bezos, former President Barack Obama, and presumptive Democratic presidential nominee Joe Biden. It also attacked Twitter accounts for companies like Apple and Uber.

All of those accounts then tweeted out some variation of the same message: “I am giving back to my community due to Covid-19! All Bitcoin sent to my address below will be sent back doubled. If you send $1,000, I will send back $2,000! Only doing this for the next 30 minutes! Enjoy.” 

On Friday, state authorities arrested 17-year-old Graham Ivan Clark in Tampa, Fl. Though he reportedly lives alone and is a recent high school graduate, Clark is still a minor, which is why he was not arrested by federal officials. He will be tried as an adult.

Clark faces 30 different felonies, including 17 counts of communications fraud and one count of fraudulent use of personal information (over $100,000 or 30 or more victims).

On July 16, the Federal Bureau of Investigation announced it was opening an investigation into the hack. The same day that Clark was arrested and charged, two others were charged by federal agents. 

One of those men, 22-year-old Nima Fazeli of Orlando, Fl., has been arrested by federal agents. The other, 19-year-old Mason John Sheppard of the United Kingdom, still hasn’t been arrested but the FBI is expecting him to be taken into custody soon. 

How Clark Hacked Twitter 

Despite many details around Clark being restricted because he is a minor, a criminal affidavit from Florida has still revealed some of the specifics behind how that attack happened.

According to that affidavit, Clark gained access to a portion of Twitter’s network on May 3. Reportedly, this happened after Clark convinced a Twitter employee that he was also an employee in the technology department. He then told the real employee that he needed their  credentials to access the customer service portal.

From there, the affidavit jumps to July 15 and it’s not clear what happened between then, but according to Zdnet, “it appears Clark wasn’t immediately able to pivot from his initial entry point to the Twitter admin tool that he later used to take over accounts.”

In fact, according to The New York Times, he only got access to those credentials after he found a way into Twitter’s internal Slack workspaces and saw them posted there. 

Still, that alone was not enough for him to make his way past Twitter’s two-factor authentication. Likely, he maneuvered around that through what Twitter called a “phone spear phishing attack.”

“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack,” Twitter Support said on Thursday. “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”

The affidavit accuses Discord user Kirk#5270, believed to be Clark, of initiating the attacks.

“I work for Twitter,” Kirk said in a chatroom on July 15. “I can claim any @. Let me know. Don’t tell anyone.”

Soon after, Sheppard and Fazeli joined under separate usernames of their own, and the three reportedly began selling access to Twitter accounts. 

However, this attack is different from the one that targeted personalities like Kim K. Instead, this attack focused on stealing short handles like @drug, @xx, @vampire.

By the end of it, Kirk was accused of netting around $33,000 in bitcoin. Sheppard is accused of acquiring around $7,000 in bitcoin. Fazeli is accused of having worked in cooperation with the two in exchange for a Twitter handle he wanted. 

From here, the criminal complaints against Sheppard and Fazeli end. Of course, that wasn’t the end of the attack. Later that same day, the main hack against numerous high profiles figures began. 

By the end of that, Clark had reportedly stolen around $177,000 from both attacks.

How the 17-Year-Old “Mastermind” Got Caught

If the first part of their plan went off without a hitch, the latter half did not. The alleged criminals reportedly failed to hide their real identities and scrambled to hide their stolen money once the hack went public. Such mistakes led to a quick discovery of their identities by law enforcement.

Clark himself has faced legal trouble before, as well.

According to  the Tampa Bay Times on Sunday, he has 300 Bitcoin — making him worth more than $3 million. Prosecutors have argued that most — if not all of that money — was likely illegally obtained, though Clark’s attorney has denied that claim. 

Last year, Clark was the subject of a criminal investigation where authorities seized $15,000 in cash and 400 bitcoin. Ultimately, Clark was never charged, prosecutors returned 300 bitcoin to him. 

While July’s Twitter hack stirred up significant (and justified) fear over just how easy it was for hackers to target users, as of now, it is unknown if this hack had any more sinister intentions outside of stealing money.

See what others are saying: (Tampa Bay Times) (Zdnet) (WIRED)

• Youtube and TikTok personalities have recently come under fire for attending parties during the ongoing coronavirus pandemic.
• After much backlash online for attending a party last week, YouTuber James Charles issued a text apology within a new video, calling it a “selfish and stupid decision.”
• Viral footage from Tana Mongeau’s social media showed her and Erika Costell at another party Saturday, saying “We don’t care!” which many interpreted as their stance on the pandemic.
• Both later issued text apologies for attending parties and clarified that the comment was in reference to suspected drama between them.

Influencers Just Want to Party

Influencers James Charles, Tana Mongeau, and Erika Costell have issued apologies for attending parties during the coronavirus pandemic after widespread backlash.

On July 21, an estimated 70 people gathered at a Hollywood Hills home to celebrate Hype House member Larray Merritt’s birthday. Influencers in attendance included James Charles, Tana Mongeau, Nikita Dragun, and the D’Amelio sisters.

The guests were widely criticized for ignoring social distancing recommendations and not wearing face masks after fans and fellow creators saw photos and videos of the party online. Despite online backlash, most creators were silent about being involved with the party, only Larray issued a quick apology.

James Charles Apology

Photos of the event showed James Charles ignoring social distancing guidelines and not wearing a mask. Most of these images have since expired from his Instagram story, but on Twitter, he still has a photo up with the caption, “uhh, I think this is the best paparazzi photo I’ve ever taken oh my god.”

It wasn’t until Saturday, after delaying a video he was supposed to have released on Friday, that he finally broke his silence on the matter.

Saturday’s video is titled “A Day in the Life of James Charles,” and shows what the title suggests. Around 17 minutes in, there’s footage of James in an Uber, wearing a mask on his way to the party. The video also shows him at the party wearing a mask, albeit ignoring social distancing.

Then the video cuts to the following message, “Hi sisters! I decided to cut the party footage from the video. Even though I have been wearing a mask in public and have tested negative multiple times, going to a party during a pandemic was a selfish & stupid decisions. People’s safety and keeping COVID-19 contained is FAR more important than celebrating a friend’s birthday and unsafe partying is not something I want to promote to my audience.”

“I recognize that with my platform comes responsibility,” he continued, adding, “and I encourage you guys to be smarter than I was – Wear your masks and continue to social distance. Love you.”

The message stays on screen for 12 seconds before showing footage of James speaking with paparazzi while standing outside of the party.

His apology for attending the party was met with severe backlash online.

“James Charles apology is bs. He knew what he was doing when he went and he knew he shouldn’t go but he didn’t care. He’s only apologizing because he got in trouble and the same with everyone else apologizing,” wrote one user.

James Charles apology is bs. He knew what he was doing when he went and he knew he shouldn’t go but he didn’t care. He’s only apologizing because he got in trouble and the same with everyone else apologizing.

— Destiny Lopez (@deslo11) July 25, 2020

However, there were people who defended the YouTuber, saying, “Y’all just an excuse to hate, nothing ever pleases you all, he could’ve made a 1 hr long apology and y’all still would have been shitting on him, he messed up…”

Y’all just an excuse to hate, nothing ever pleases you all, he could’ve made a 1 hr long apology and y’all still would have been shitting on him, he messed up… but seriously don’t we all ?? Stop acting like you’re some perfect angels, and let people learn from their mistakes xo

— gisselle 🦋 (@gxssxllxv) July 26, 2020

One Party Is Bad Enough…

While James faced critiques over attending Larray’s party, Tana has received particular backlash for attending at least three parties during the pandemic: one at Jake Paul’s home, Larray’s birthday bash, and another party on Saturday.

Outrage against her grew after an Instagram story she posted with Erika Costell Satursady made it seem like the two were making light the pandemic. In the now-expired Instagram live story, the two can be heard saying, “Listen, we don’t fucking care.”

The video quickly caused outrage, and users wrote things like, “Nobody is surprised at the fact that tana mongoose is out there partying everyday day and instead of posting an apology shes out there saying “we dont fucking care” during a whole ass pandemic.”

Although, it’s worth noting that many pointed out that both women were involved with Jake Paul, leading to theories that the post was actually about that.

The confusion was clarified on Sunday night, when Costell tweeted out, “Hey guys – I just want to apologize for the video that was posted last night on Tanas Instagram story. The comment we made as NOT intended as it was perceived. Saying “we don’t care” was about our previous “beef”. It was in no way related to the COVID-19 pandemic we are in.”

She went on to add that she understands why people were offended, calling her attendance “careless and stupid.”

“I am truly sorry to anyone I let down or upset in any way & I fully take accountability for my actions,” she added.

A few hours later, Tana followed up with her own apology on her Instagram story.

“Partying/going to any social gatherings during a global pandemic was such a careless and irresponsible action on my behalf. I fully hold myself accountable for this + will be staying inside,” she wrote.

“Actions like that don’t deserve a platform and I want to fully apologize and be better than this. I’m sorry. While Erika and I were referring to past drama in our video the topic no longer matters – I need to be a example and person.”

While many appreciated that an apology and explanation was finally given, not everyone was buying it. Many pointed out that Tana is constantly giving apologies over the various controversies that she seems to find herself in. YouTuber Elijah Daniel directly called out Tana and Erika for partying, and later added that he was fed up with influencers constantly apologizing and not actually changing.

“hi influencers caught partying, this video is for you. spread this to your fans on ALL of your platforms (since you don’t mind spreading things!), then self quarantine for 14 days and come back and we will consider even reading your apologies.”

See What Others Are Saying: (Dexerto) (Vulture) (Newsweek)

• Twitch has ordered the U.S. Army to stop offering fake giveaways on its platform.
• The issue first came to light after a reporter noticed that a prize giveaway link, which was posted into the chat box of an Army esports stream, redirected users to a recruitment page. 
• According to that reporter, the recruitment page offered “no additional mention of a contest, odds, total number of winners, or when a drawing will occur.”
• Separately, the U.S. Army has also faced substantial blowback for banning Twitch users asking about war crimes, a move that potentially violates free speech laws.

US Army Offers Fake Giveaways

After the United States Army was allegedly caught promising fake prize giveaways on Twitch to promote its recruitment page, Twitch has ordered it to abandon the strategy.

The practice was first detailed by reporter Jordan Uhl in The Nation on Wednesday and stems from the Army’s esports team, which regularly streams on Twitch as a way to talk to teens about life in the military and recruitment options. Both the Navy and the Air Force also have esports teams that stream on Twitch.

In the chat box of those streams, the Army would reportedly post automated links promoting prize giveaways. For example, one prize included an Xbox Elite Series 2 controller; however, once people clicked the link to try to win that controller, they weren’t taken to a page to enter that drawing. 

Instead, according to The Nation, they were directed to “a recruiting form with no additional mention of a contest, odds, total number of winners, or when a drawing will occur.”

The Army esports team routinely points viewers as young as 13 to this page with “Register To Win!” at the top in all caps. In some cases, they claim you can win a $200 controller.

The form is actually a recruiting form.https://t.co/Vk1mC7bn5U pic.twitter.com/N8oQkikeQJ

— jordan (@JordanUhl) July 15, 2020

The news prompted outrage among some streamers and game developers who then urged Twitch to take action against the U.S. Army esports channel.

“The silence from @Twitch on the latest wave of criticism regarding the military using the site to scam kids into sharing personal info speaks volumes,” streamer Jayson “MANvsGame” Love said on Twitter. “Imagine ANY other channel doing that. Feel free to manipulate your viewers as much as you like, I guess?”

On Thursday, gaming website Kotaku reported that Twitch had forced the Army to stop tricking viewers, with Twitch saying in a statement to the outlet, “Per our Terms of Service, promotions on Twitch must comply with all applicable laws. This promotion did not comply with our Terms, and we have required them to remove it.”

Meanwhile, the Army has remained silent on why it allegedly engaged in fake giveaway tactics. 

Is the US Army Also Violating Free Speech Laws on Twitch?

The fake giveaway is not the only Twitch-related controversy the Army has recently faced. Last week, after catching wind of users being banned for asking uncomfortable questions, Uhl reported that the Army’s Twitch channel banned him after he asked about war crimes during a stream—a move that could be seen as a blockage of free speech.

In a recorded video, Uhl asks other viewers what their favorite U.S. war crime is in the chat box of that stream. He then links to the Wikipedia page for U.S. war crimes. Seconds after that, he is banned.

“Have a nice time getting banned, my dude,” Army recruiter and gamer Joshua “Strotnium” David tells Uhl just before the video ends. 

The U.S. Army (and its esports team) are not private entities. While general Twitch streamers can moderate their channels however they wish, public forums hosted by the government are generally required to abide by strict free speech laws.

In response, the Army later confirmed that it banned Uhl directly because of his comments, arguing that those comments violated Twitch’s harassment policies.

“Team members are very clear when talking with potential applicants that a game does not reflect a real Army experience,” a representative of the U.S. Army esports team told Vice. “They discuss their career experiences in real terms with factual events.”

“Team members ensure people understand what the Army offers through a realistic lens and not through the lens of a game meant for entertainment. This user’s question was an attempt to shift the conversation to imply that Soldiers commit war crimes based on an optional weapon in a game, and we felt that violated Twitch’s harassment policy.”

“The U.S. Army offers youth more than 150 different careers, and ultimately the goal of the Army eSports Team is to accurately portray that range of opportunities to interested youth.”

The American Civil Liberties Union, however, has argued that “calling out the government’s war crimes isn’t harassment, it’s speaking truth to power. And banning users who ask important questions isn’t ‘flexing,’ it’s unconstitutional.”

Concerns Over Army Streaming With Teens

“Was I undiplomatic?,” Uhl asked in his Wednesday article. “Sure. But if the military is going to use one of the world’s most popular platforms to recruit kids, then it shouldn’t be able to do so without some pushback. Right now, with the support of Twitch, gamers with the US military are spending hours with children as young as 13, trying to convince them to enlist.”

As Uhl noted, the military’s newfound use of Twitch could be an even more effective method than “approaching a recruiter behind a table in a school cafeteria.” For example, “kids can hang out with one who is playing their favorite video games and replying to their chat messages for hours on end.”

Of the four main branches of the military, only the Marine Corps has refused to launch an esports team. 

“This is due in part to the belief that the brand and issues associated with combat are too serious to be ‘gamified’ in a responsible manner,” the Marine Corps Recruiting Command said in January. 

See what others are saying: (The Nation) (Kotaku) (The Verge)