Three individuals were implicated in the Twitter breach that saw the accounts of public figures hacked through a spear-phishing campaign, and all three were arrested today. All three individuals were located in the United States or the United Kingdom and young. The ringleader is a 17 year-old located in Tampa, Florida, and the other two are 19 (Mason Sheppard, United Kingdom) and 22 (Nima Fazeli, Orland, Florida). Information about the ringleader is not readily available, as their identity and charges are not public due to their age. Mason and Nima both face a $250,000 fine and roughly 20 years in jail for conspiracy to commit wire fraud, conspiracy to commit money laundering, and accessing a protected computer.
An investigation is still ongoing to determine if an insider assisted the three individuals in identifying who to target within Twitter to gain the access they desired. The rapid identification and arrest of these three individuals may serve as a deterrent and warning to other attackers. While the news is full of stories of state actors from China, Iran, North Korea, and Russia successfully attacking entities and getting away unscathed, what protects those individuals is the country they reside in and the vast resources at their disposal. The United States and European Union routinely identify attackers and raise charges against them, but the attacker’s host country is quick to dismiss them.
The attackers were identified because they used real IDs to verify their identities and setup the accounts necessary for the cryptocurrency collection and transfer. Your average person does not have access to fake identities that can withstand scrutiny from government investigators, and those that do wouldn’t spend them on something so brazen as hacking into Elon Musk’s Twitter account.