Graham Ivan Clark | |
|---|---|
 Booking photo from July 2020 | |
| Born | Graham Ivan Clark January 9, 2003 Tampa, Florida, U.S. |
| Other names | Kirk, OpenHCF, Open, Scrim, Feed, Graham$ |
| Education | Gaither High School |
| Known for | 2020 Twitter bitcoin scam |
| Criminal status | Released |
| Mother | Emilya Clark |
Graham Ivan Clark (born January 9, 2003) is an American computer hacker, cybercriminal and a convicted felon regarded as the mastermind behind the 2020 Twitter account hijacking.
Graham Ivan Clark grew up in Hillsborough County, Florida, with his mother, father, and older sister. [1] His parents divorced when he was 7; as of 2020, his father lives in Indiana. [2] During his teenage years, Clark used various aliases while participating in online communities, gaining notoriety as a scammer in the "hardcore factions" Minecraft community. [3] In 2018, Graham joined OGUsers, a forum dedicated to selling, buying, and trading online accounts, and was banned after four days.
In 2019, at the age of 16, Clark was involved in stealing 164 bitcoins from Gregg Bennett, a Seattle-based angel investor, through a SIM swap attack. Clark sent two extortion notes under the alias "Scrim", stating, "We just want the remainder of the funds in the Bittrex", referring to the cryptocurrency exchange "Bittrex" that Bennett had used, and "We are always one step ahead and this is your easiest option." The United States Secret Service managed to recover only 100 bitcoins from the heist. [4] In an interview, Bennett said he was told by a Secret Service agent that the person with the stolen bitcoins was not arrested because he was a minor. [2]
Clark is widely regarded as the "mastermind" of the 2020 Twitter account hijacking, [5] [6] an event in which Clark worked with Mason Sheppard and Nima Fazeli to compromise 130 high-profile Twitter accounts to push a cryptocurrency scam involving bitcoin along with seizing "OG" (short for original) usernames to sell on OGUsers. At the time, Sheppard was 19, Fazeli was 22, and Clark was 17. Sheppard and Fazeli specialized in playing the role of brokers in selling the Twitter handles on OGUsers.
The Twitter hack began on June 14 when Sheppard and Fazeli assisted Clark in manipulating employees through social engineering. [7] This involved calling multiple Twitter employees and posing as the help desk in Twitter's IT department responding to a reported problem with Twitter's internal VPN. From there, Clark directed the employee to a phishing site that was identical in appearance to Twitter's VPN log-in portal. When the employee entered their information into the phishing portal, the credentials were simultaneously entered onto the real log-in page. After one employee account was compromised, it was used to review instructions on Twitter's intranet on how to take over Twitter accounts. [8]
On July 31, 2020, Clark was arrested at his home in Northdale, Florida. He faced 30 criminal charges, including 17 counts of communication fraud, 11 counts of fraudulent use of personal information, one count of organized fraud for more than $5,000, and one count of accessing a computer or electronic device without authority. His bail was set at $725,000 and he pleaded not guilty. His hearing was held on March 16, 2021, via Zoom at Hillsborough County Jail. He was sentenced to three years in prison followed by three years of probation as part of a plea deal under Florida's Youthful Offender Act, which limits the penalties for convicted felons under the age of 21. [9] According to the Tampa Bay Times , he was able to serve part of his time in a military-style boot camp. [10]
The plea agreement [11] stipulated that Clark could not "direct[ly] or indirect[ly] access" any electronic device without both the express permission of his probation officer and the notification of the Florida Department of Law Enforcement. He was also required to provide a list of "any and all electronic mail addresses, Interactive computer services, Internet domain names, commercial social networking websites, online or remote storage and computing devices, Internet identifiers and each Internet identifier's corresponding website [sic] homepage or application software name; home telephone numbers and cellular telephone numbers in his care custody or control." Additionally, he was ordered to disclose passwords, security codes, tokens, and key fobs. [12]
Clark was released from Saint Petersburg Community Release Center on February 16, 2023. He is currently under probation until February 15, 2026. [13]
Bryce Case Jr., otherwise known as YTCracker, is an American rapper from La Mirada, California. His stage name derives from having formerly been a black hat hacker. Case is best known for his contributions to the hacking community along with nerdcore hip hop subculture.
The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.
Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.
Jorge Stolfi is a full professor of computer science at the State University of Campinas, working in computer vision, image processing, splines and other function approximation methods, graph theory, computational geometry and several other fields. According to the ISI Web Of Science, as of 2010 he was the most highly cited computer scientist in Brazil. Outside of academia, Stolfi has accrued an online following due to his skepticism and comments on Bitcoin.
Markus Alexej Persson, also known as "Notch", is a Swedish video game programmer and designer. He is the creator of Minecraft, which since its release has become the best-selling video game in history. He founded the video game development company Mojang Studios in 2009.
Satoshi Nakamoto is the name used by the presumed pseudonymous person or persons who developed bitcoin, authored the bitcoin white paper, and created and deployed bitcoin's original reference implementation. As part of the implementation, Nakamoto also devised the first blockchain database. Nakamoto was active in the development of bitcoin until December 2010.
Silk Road was an online black market and the first modern darknet market. It was launched in 2011 by its American founder Ross Ulbricht under the pseudonym "Dread Pirate Roberts." As part of the dark web, Silk Road operated as a hidden service on the Tor network, allowing users to buy and sell products and services between each other anonymously. All transactions were conducted with bitcoin, a cryptocurrency which aided in protecting user identities. The website was known for its illegal drug marketplace, among other illegal and legal product listings. Between February 2011 and July 2013, the site facilitated sales amounting to 9,519,664 Bitcoins.
Michael Jude Gogulski is a political activist and freelance translator. He is one of a small number of former Americans known to have voluntarily become stateless.
UGNazi is a hacker group. The group conducted a series of cyberattacks, including social engineering, data breach, and denial-of-service attacks, on the websites of various organizations in 2012. Two members of UGNazi were arrested in June 2012; one was incarcerated. In December 2018, two members of UGNazi were arrested in connection with a murder in Manila.
Bitcoin is a cryptocurrency, a digital asset that uses cryptography to control its creation and management rather than relying on central authorities. Originally designed as a medium of exchange, Bitcoin is now primarily regarded as a store of value. The history of bitcoin started with its invention and implementation by Satoshi Nakamoto, who integrated many existing ideas from the cryptography community. Over the course of bitcoin's history, it has undergone rapid growth to become a significant store of value both on- and offline. From the mid-2010s, some businesses began accepting bitcoin in addition to traditional currencies.
Ross William Ulbricht is an American serving life imprisonment for creating and operating the darknet market website Silk Road from 2011 until his arrest in 2013. The site operated as a hidden service on the Tor network and facilitated the sale of narcotics and other illegal products and services. Ulbricht ran the site under the pseudonym "Dread Pirate Roberts", after the fictional character from The Princess Bride.
Vitaly Dmitrievich Buterin, better known as Vitalik Buterin, is a Canadian computer programmer and co-founder of Ethereum. Buterin became involved with cryptocurrency early in its inception, co-founding Bitcoin Magazine in 2011 and Dark Wallet in 2013 together with Amir Taaki and Cody Wilson In 2015, Buterin deployed the Ethereum blockchain with Gavin Wood, Charles Hoskinson, Anthony Di Iorio, and Joseph Lubin.
Cryptocurrency and crime describe notable examples of cybercrime related to theft of cryptocurrencies and some methods or security vulnerabilities commonly exploited. Cryptojacking is a form of cybercrime specific to cryptocurrencies that have been used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrency.
A SIM swap scam is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.
No Postage Necessary is a 2017 American romantic comedy independent film written and directed by Jeremy Culver as his second narrative feature and starring George Blagden, Charleene Closshey, Robbie Kay, Stelio Savante, with Michael Beach and Raymond J. Barry. The film integrates current political happenings — including the Silk Road, hacktivism, and cyberterrorism — into a dramedy set in Plant City, Florida.
The Dark Overlord is an international hacker organization which garnered significant publicity through cybercrime extortion of high-profile targets and public demands for ransom to prevent the release of confidential or potentially embarrassing documents.
Jim Browning is the Internet alias of a software engineer and YouTuber from Northern Ireland whose content focuses on scam baiting and investigating call centres engaging in fraudulent activities.
On July 15, 2020, between 20:00 and 22:00 UTC, 130 high-profile Twitter accounts were reportedly compromised by outside parties to promote a bitcoin scam. Twitter and other media sources confirmed that the perpetrators had gained access to Twitter's administrative tools so that they could alter the accounts themselves and post the tweets directly. They appeared to have used social engineering to gain access to the tools via Twitter employees. Three individuals were arrested by authorities on July 31, 2020, and charged with wire fraud, money laundering, identity theft, and unauthorized computer access related to the scam.
Lapsus$, stylised as LAPSUS$ and classified by Microsoft as Strawberry Tempest, is an international extortion-focused hacker group known for its various cyberattacks against companies and government agencies. The group was active in several countries, and has had its members arrested in Brazil and the UK in 2022. According to City of London Police at least two of the members were teenagers.
OGUsers (OGU) is an Internet forum that facilitates the discussion and buying of social media accounts and online usernames. Established in 2017, the website is dedicated to the buying and selling of "rare" or "OG" online accounts that are considered valuable due to their name or age. The website acts as a platform for cybercrime and the harassment of individuals for access to their online accounts. Several high-profile incidents have been linked to the forum, most notably the 2020 Twitter account hijacking.
{{cite web}}: |last= has generic name (help){{cite web}}: |last= has generic name (help)