A 17-year-old in Tampa, Florida, is accused of taking over the Twitter accounts of Elon Musk, Bill Gates, Barack Obama and numerous other celebrities to scam people into sending the teen bitcoin.
The teen, whose name and photo CNBC is not publishing because the teen is a minor, was arrested and charged, the office of Hillsborough County State Attorney Andrew Warren announced on Friday.
Warren’s office described the teen as the “mastermind” behind the attack.
“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here,” Warren said in a statement. “This ‘Bit-Con’ was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that.”
Warren’s office has filed 30 felony charges against the 17-year-old. The charges include organized fraud, communications fraud, fraudulent use of personal information and access of computer or electronic device without authority.
Two adults were also charged, the Department of Justice said Friday.
Mason Sheppard, aka “Chaewon,” 19, of Bognor Regis, in the United Kingdom, was charged in a criminal complaint in the Northern District of California with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer.
Nima Fazeli, aka “Rolex,” 22, of Orlando, Florida, was charged in a criminal complaint in the Northern District of California with aiding and abetting the intentional access of a protected computer.
The teen’s scam reaped more than $100,000 worth of bitcoin on July 15, according to Warren’s office.
Twitter provided its most recent update into the attack on Thursday evening.
“The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack,” Twitter said in a blog post. “A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes.”
Twitter acknowledged the charges and arrest on Friday.
“We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses,” Twitter said in a tweet. “For our part, we are focused on being transparent and providing updates regularly.”