Twitter Hacker & Bitcoin Scammer to Serve Three Years in Prison

While impersonating several famous people and companies through their Twitter accounts, the hacker Clark solicited their users to send bitcoin (BTC) to an address he controlled.

“I am giving back to the community,” began one tweet from the account belonging to President Joe Biden. “All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes … Enjoy!”

Clark had also sent similar messages from other famous Twitter accounts. He collected roughly $117,000 in BTC from the scam.

Details of the Case

Clark was 17 when he perpetrated the attack last year with the help of two accomplices. Clark was sentenced as a “youthful offender.” If convicted as an adult, Clark faced a minimum ten-year sentence. However, if he violates his parole, he will serve the mandatory minimum sentence.

“Graham Clark needs to be held accountable for that crime, and other potential scammers out there need to see the consequences,” a member of the prosecution said in a statement. “In this case, we’ve been able to deliver those consequences while recognizing that our goal with any child, whenever possible, is to have them learn their lesson without destroying their future.”

The Florida Department of Law Enforcement discovered Clark had accessed Twitter’s systems via social engineering. Clark used the social engineering tactic “people hacking.” Clark was able to access the company’s customer service portal by convincing a Twitter employee that worked in its IT department.

According to the plea agreement, Clark will no longer use computers without permission and supervision from law enforcement. He will also have to submit to searches of his home and relinquish passwords to any accounts he controls. Clark’s defense attorney confirmed that he had turned over all the cryptocurrency he had stolen.

Hacker to Blame, Not Blockchain

Although BTC has a bad reputation for facilitating illegal activities, the blockchain system it operates on is inherently secure by design. Any risk of scamming related to cryptocurrencies comes from the infrastructure surrounding the blockchain. This can also include human beings.

For instance, users of the non-fungible token (NFT) marketplace, Nifty Gateway, reported their accounts had been hacked this past weekend. The hacker was able to steal and purchase NFT art using accounts’ linked credit card credentials.

Additionally, on Monday, March 15, several decentralized finance (DeFi) projects on the Binance Smart Chain came under a Domain Name System (DNS) attack. Hackers hijacked the domain names of  PancakeSwap and Cream Finance. This means they diverted the traffic intending to reach those sites to an unknown address. There, the hacker asked users their seed phrases, which could give others access to their wallets.

It is a common maxim in the crypto world to never share your seed phrases or private keys with anyone, let alone over the internet.