Security News

A court hearing held via Zoom for a US teenager accused of masterminding a stunning hack of Twitter was interrupted Wednesday with rap music and porn, a newspaper reported. The purpose of the hearing was to discuss reducing bail terms set for the 17 year old Tampa resident arrested last Friday over the hack last month of the accounts of major US celebrities.

Twitter has fixed a vulnerability in its Android app, which could have enabled attackers to access private Twitter data, like direct messages on Android devices. The flaw is related to an underlying Android operating system security issue, which affects operating system versions 8 and 9, said Twitter.

Perhaps fittingly, a Web-streamed court hearing for the 17-year-old alleged mastermind of the July 15 mass hack against Twitter was cut short this morning after mischief makers injected a pornographic video clip into the proceeding. The prosecution had argued that Clark should be required to show that any funds used toward securing that bond were gained lawfully, and were not merely the proceeds from his alleged participation in the Twitter bitcoin scam or some other form of cybercrime.

In the Twitter breach, the attackers leveraged social engineering tactics to target a small number of employees through a phone spear phishing attack. In Twitter's case, the intelligence gained by the attackers enabled them to target additional employees who did have access to the Twitter account support tool, which allows privileged employees to control all facets of a Twitter account.

A Florida teen identified as the mastermind of a scheme that gained control of Twitter accounts of prominent politicians, celebrities and technology moguls pleaded not guilty on Tuesday to multiple counts of fraud. Graham Ivan Clark, 17, is accused of using the hijacked Twitter accounts to scam people around the world out of more than $100,000 in Bitcoin.

Twitter may be facing a Federal Trade Commission fine of up to $250 million, after the social media giant last year revealed the improper use of users' email addresses and phone numbers. In its October 2019 notice about the improper data use, Twitter explained that it had matched its users to advertisers' marketing lists based on the email or phone number the Twitter account holder provided during two-factor authentication.

Court documents made public last week by U.S. authorities following the announcement of charges against three individuals allegedly involved in the recent Twitter attack revealed how some of the hackers were identified by investigators. According to court documents, a user with the online moniker Kirk#5270 on the chat service Discord claimed to work for Twitter and offered to provide access to any user account.

A 17-year-old teen and two other 19 and 22-year-old individuals have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts within minutes as part of a massive bitcoin scam. On July 15, Twitter faced the biggest security lapse in its history after an attacker managed to hijack nearly 130 high-profile twitter accounts, including Barack Obama, Kanye West, Joe Biden, Bill Gates, Elon Musk, Jeff Bezos, Warren Buffett, Uber, and Apple.

The US Department of Justice just issued a press release entitled simply, "Three Individuals Charged for Alleged Roles in Twitter Hack.". In some ways, the Twitter hack referred to, which happened just two weeks ago on 2020-07-15, was tiny.

The miscreants also managed to access the Twitter Direct Messages in 36 accounts, and to download Twitter account data for seven accounts. "Increasingly we rely on platforms like Twitter to receive news and other information that is important to our lives," said US Attorney for the Northern District of California David Anderson in the video statement below.