Teen Behind Twitter Bit-Con Breach Cuts Plea Deal

The ‘young mastermind’ of the Twitter hack will serve three years in juvenile detention. 

Thanks to a new plea deal with the Florida State Attorney’s Office, the 18-year-old behind last summer’s breach of Twitter’s high-profile accounts will not be charged as an adult, and instead will serve his sentence in juvenile detention.

Graham Ivan Clark was arrested seven months ago, and has accepted responsibility for the July “Bit-Con” Twitter breach. He will spend the next six years under supervision — three years in juvenile detention and three years of probation — which is the maximum number of years of supervision permitted by Florida’s Youthful Offender Act, the State Attorney’s Office said in a statement.

However, if Clark violates probation, he will face a minimum of 10 years in adult prison, prosecutors said. He turned 18 in January, and will be under supervision until 2026, when he will be 23 years old, they added.

Clark’s Twitter Bit-Con

On July 15, Clark breached Twitter’s internal systems to take over some of the platform’s most famous verified accounts, including those of Barack Obama, Bill Gates, Elon Musk and Apple. Clark then asked their followers to send Bitcoin to an account he controlled, which allowed Clark to steal more than $117,000.

Clark was charged with co-defendants Mason Sheppard and Nima Fazeli, but he was identified by law enforcement as the “young mastermind.”

“He took over the accounts of famous people, but the money he stole came from regular, hard-working people,” Hillsborough State Attorney Andrew Warren said. “Graham Clark needs to be held accountable for that crime, and other potential scammers out there need to see the consequences. In this case, we’ve been able to deliver those consequences while recognizing that our goal with any child, whenever possible, is to have them learn their lesson without destroying their future.”

In all, 130 accounts were hijacked because of a mobile spear-phishing campaign targeting Twitter employees.

“This attack relied on a significant and concerted attempt to mislead certain employees, and exploit human vulnerabilities, to gain access to our internal systems,” Twitter said in its update from last July. “This was a striking reminder of how important each person on our team is in protecting our service.”

Cybercrime Investigators Flex

Clark was facing 30 felony charges stemming from the Twitter takeover scam, including organized and communications fraud, and fraudulent use of personal information, which would have meant years more in detention.

The State Attorney’s Office said the time Clark has already spent incarcerated will be applied to his sentence.

The plea deal means Clark accepts responsibility for the “wide range of hacking and social-engineering techniques to defeat security protocols at Twitter,” according to the prosecutor’s statement.

Authorities want to send the message that they are on the lookout for cybercrime and equipped to arrest, charge and convict would-be threat actors.

“Because of the expertise and dedication of our cybercrime investigators, working with State Attorney Warren’s Office and the FBI, we were able to recover the stolen Bitcoin so it can be returned to the victims,” Florida Department of Law Enforcement (FDLE) Commissioner Rick Swearingen said. “I thank our FDLE agents and federal partners for their work quickly unraveling this case and hope it serves as a warning to potential hackers that if you commit a computer crime, our FDLE agents will find you.”
