The investigation of the unprecedented Twitter hack earlier this summer has produced a new suspect: a 16-year-old from Massachusetts, according to a new report from The New York Times. This new suspect would be the youngest of the group of conspirators spanning the US and the UK, a group now totaling four individuals who together planned and then pulled off account takeovers of dozens of high-profile Twitter users to promote a bitcoin scam.
It’s still unclear which members had direct control of internal Twitter systems and how exactly they gained access beyond somehow tricking company employees, but the supposed mastermind of the hack is believed to be 17-year-old Floridian Graham Ivan Clark, who has been charged as an adult with 30 felonies. The others include 19-year-old Mason John Sheppard of the UK and 22-year-old Nima Fazeli of Orlando, Florida.
Now, the Times reports a third person, the Massachusetts teenager, may have also been involved in the planning of the attack, and that both the unnamed teen and Clark were jointly responsible for posting tweets to accounts belonging to Barack Obama, Joe Biden, Elon Musk, and others. That’s an important detail because Clark was believed to have been the only one of the group to have used the internal tools.
The teenager has not yet been charged, but he is believed to have been directly involved
NYT has not named the individual because he is a minor and because prosecutors have not filed charges. Because he is a minor, Massachusetts authorities may handle the case in the event the teenager is arrested because of how federal laws that make it difficult to charge those under 18 as adults, according to the Times’ report. The individual was, however, served a search warrant on Tuesday and the FBI raided his parents’ house, where he lives.
Little else is known about the Massachusetts teen, other than that he practiced a type of social engineering hack calling “vishing,” in which the attacker phishes tech company employees over the phone while impersonating contractors to steal login credentials for sensitive systems. He then moved onto SIM swapping and other forms of hacking, where he linked up with Clark online and also reportedly participated in a high-profile intrusion of domain provider GoDaddy earlier this year.
The NYT report also notes how the teen became involved in OGusers.com, an online marketplace that facilitates the sale of rare online handles and where the Twitter hacking conspirators are believed to have met before moving planning of the attack to Discord and other platforms.