A teenager in Florida has been arrested over a major Twitter hack in July, according to the Hillsborough State Attorney’s Office.
On 15 July, Twitter accounts of multiple high-profile US figures were hijacked in an apparent Bitcoin scam.
Hillsborough State Attorney Andrew Warren has filed 30 felony charges against the teenager for “scamming people across America”.
The charges include organised fraud and fraudulent use of personal information.
The attack saw high-profile accounts such as Elon Musk, Microsoft founder Bill Gates, Amazon boss Jeff Bezos, Democratic presidential hopeful Joe Biden, former US President Barack Obama and reality star Kim Kardashian West falsely tweet out requests for Bitcoin donations.
“As a cryptocurrency, Bitcoin is difficult to track and recover if stolen in a scam,” Mr Warren said in a statement.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here. This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida.
“This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”
The charges against the teenager include 17 counts of communication fraud, 10 counts of fraudulent use of personal information, one count of fraudulent use of personal information with over $100,000 (£76,340) or 30 or more victims, one count of organised fraud and one count of access to computers or electronic devices without authority.
Mr Warren said the investigation to “discover the perpetrator” was a collaboration between the Florida Department of Law enforcement, the US Attorney’s Office for the Northern District of California, the FBI, the IRS, and the Secret Service.
The teenager lives in Tampa, Florida and so will be prosecuted by Hillsborough State authorities.
Twitter said in a statement: “We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.
“For our part, we are focused on being transparent and providing updates regularly.”
After the hack, Twitter said the hackers had targeted its employees “with access to internal systems and tools”.
It added that “significant steps” had been taken to limit access to such internal systems and tools while the company’s investigation continues.
According to BBC cyber-security reporter Joe Tidy, the consensus in the information security community is that Twitter’s employees were likely duped by a spear-phishing attack via a phone call.
This involves using friendly persuasion and trickery to get victims to hand over crucial information that enables hackers to infiltrate a company’s systems.
source: BBC