Graham Ivan Clark | |
|---|---|
 Booking photo from July 2020 | |
| Born | Graham Ivan Clark January 9, 2003 Tampa, Florida, U.S. |
| Nationality | American |
| Other names | Kirk, OpenHCF, Open, Scrim, Feed, Graham$ |
| Education | Gaither High School |
| Known for | 2020 Twitter bitcoin scam |
| Criminal status | Released |
| Parent |
|
Graham Ivan Clark (born January 9, 2003) is an American computer hacker, cybercriminal and a convicted felon regarded as the mastermind behind the 2020 Twitter account hijacking.
Graham Ivan Clark grew up in Hillsborough County, Florida, with his mother, father, and older sister. [1] His parents divorced when he was 7; as of 2020, his father lives in Indiana. [2] During his teenage years, Clark used various aliases while participating in online communities, gaining notoriety as a scammer in the "hardcore factions" Minecraft community. [3] In 2018, Graham joined OGUsers, a forum dedicated to selling, buying, and trading online accounts, and was banned after four days.
In 2019, at the age of 16, Clark was involved in stealing 164 bitcoins from Gregg Bennett, a Seattle-based angel investor, through a SIM swap attack. Clark sent two extortion notes under the alias "Scrim", stating, "We just want the remainder of the funds in the Bittrex", referring to the cryptocurrency exchange "Bittrex" that Bennett had used, and "We are always one step ahead and this is your easiest option." The United States Secret Service managed to recover only 100 bitcoins from the heist. [4] In an interview, Bennett said he was told by a Secret Service agent that the person with the stolen bitcoins was not arrested because he was a minor. [2]
Clark is widely regarded as the "mastermind" of the 2020 Twitter account hijacking, [5] [6] an event in which Clark worked with Mason Sheppard and Nima Fazeli to compromise 130 high-profile Twitter accounts to push a cryptocurrency scam involving bitcoin along with seizing "OG" (short for original) usernames to sell on OGUsers. At the time, Sheppard was 19, Fazeli was 22, and Clark was 17. Sheppard and Fazeli specialized in playing the role of brokers in selling the Twitter handles on OGUsers.
The Twitter hack began on June 14 when Sheppard and Fazeli assisted Clark in manipulating employees through social engineering. [7] This involved calling multiple Twitter employees and posing as the help desk in Twitter's IT department responding to a reported problem with Twitter's internal VPN. From there, Clark directed the employee to a phishing site that was identical in appearance to Twitter's VPN log-in portal. When the employee entered their information into the phishing portal, the credentials were simultaneously entered onto the real log-in page. After one employee account was compromised, it was used to review instructions on Twitter's intranet on how to take over Twitter accounts. [8]
On July 31, 2020, Clark was arrested at his home in Northdale, Florida. He faced 30 criminal charges, including 17 counts of communication fraud, 11 counts of fraudulent use of personal information, one count of organized fraud for more than $5,000, and one count of accessing a computer or electronic device without authority. His bail was set at $725,000 and he pleaded not guilty. His hearing was held on March 16, 2021, via Zoom at Hillsborough County Jail. He was sentenced to three years in prison followed by three years of probation as part of a plea deal under Florida's Youthful Offender Act, which limits the penalties for convicted felons under the age of 21. [9] According to the Tampa Bay Times , he was able to serve part of his time in a military-style boot camp. [10]
The plea agreement [11] stipulated that Clark could not "direct[ly] or indirect[ly] access" any electronic device without both the express permission of his prohibition officer and the notification of the Florida Department of Law Enforcement. He was also required to provide a list of "any and all electronic mail addresses, Interactive computer services, Internet domain names, commercial social networking websites, online or remote storage and computing devices, Internet identifiers and each Internet identifier's corresponding website [sic] homepage or application software name; home telephone numbers and cellular telephone numbers in his care custody or control." Additionally, he was ordered to disclose passwords, security codes, tokens, and key fobs. [12]
Clark was released from Saint Petersburg Community Release Center on February 16, 2023.[ citation needed ]
Markus Alexej Persson, also known as "Notch", is a Swedish video game programmer and designer. He is best known for creating the sandbox video game Minecraft, which has since become the best-selling video game in history; and for founding the video game development company Mojang Studios in 2009. Persson is currently working on new games under the banner of Bitshift Entertainment.
Satoshi Nakamoto is the name used by the presumed pseudonymous person or persons who developed Bitcoin, authored the Bitcoin white paper, and created and deployed Bitcoin's original reference implementation. As part of the implementation, Nakamoto also devised the first blockchain database. Nakamoto was active in the development of bitcoin until December 2010.
Silk Road was an online black market and the first modern darknet market. It was launched in 2011 by its American founder Ross Ulbricht under the pseudonym "Dread Pirate Roberts." As part of the dark web, Silk Road operated as a hidden service on the Tor network, allowing users to buy and sell products and services between each other anonymously. All transactions were conducted with bitcoin, a cryptocurrency which aided in protecting user identities. The website was known for its illegal drug marketplace, among other illegal and legal product listings. Between February 2011 and July 2013, the site facilitated sales amounting to 9,519,664 Bitcoins.
The Syrian Electronic Army is a group of computer hackers which first surfaced online in 2011 to support the government of Syrian President Bashar al-Assad. Using spamming, website defacement, malware, phishing, and denial-of-service attacks, it has targeted terrorist organizations, political opposition groups, western news outlets, human rights groups and websites that are seemingly neutral to the Syrian conflict. It has also hacked government websites in the Middle East and Europe, as well as US defense contractors. As of 2011, the SEA has been "the first Arab country to have a public Internet Army hosted on its national networks to openly launch cyber attacks on its enemies".
Mt. Gox was a bitcoin exchange based in Shibuya, Tokyo, Japan. Launched in 2010, it was handling over 70% of all bitcoin (BTC) buys/sells worldwide by early 2014, when it abruptly ceased operations amid revelations of its involvement in the loss/theft of hundreds of thousands of bitcoins, then worth hundreds of millions in US dollars.
Dogecoin is a cryptocurrency created by software engineers Billy Markus and Jackson Palmer, who decided to create a payment system as a joke, making fun of the wild speculation in cryptocurrencies at the time. It is considered both the first "meme coin", and more specifically the first "dog coin". Despite its satirical nature, some consider it a legitimate investment prospect. Dogecoin features the face of the Shiba Inu dog from the "doge" meme as its logo and namesake. It was introduced on December 6, 2013, and quickly developed its own online community, reaching a peak market capitalization of over US$85 billion on May 5, 2021. As of 2021, it is the sleeve sponsor of Watford Football Club.
Monero is a cryptocurrency which uses a blockchain with privacy-enhancing technologies to obfuscate transactions to achieve anonymity and fungibility. Observers cannot decipher addresses trading Monero, transaction amounts, address balances, or transaction histories.
Kraken is a United States–based cryptocurrency exchange, founded in 2011. It was one of the first bitcoin exchanges to be listed on Bloomberg Terminal and was valued at US$3 billion in Jan 2024. The company has been the subject of several regulatory investigations since 2018, and has agreed to cumulative fines of over $30 million.
Bitcoin was designed by its pseudonymous inventor, Satoshi Nakamoto, to work as a currency, but its status as a currency is disputed. Economists define money as a store of value, a medium of exchange and a unit of account, and agree that bitcoin does not currently meet all these criteria.
Cryptocurrency and crime describe notable examples of cybercrime related to theft of cryptocurrencies and some methods or security vulnerabilities commonly exploited. Cryptojacking is a form of cybercrime specific to cryptocurrencies that have been used on websites to hijack a victim's resources and use them for hashing and mining cryptocurrency.
A SIM swap scam is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.
No Postage Necessary is a 2017 American romantic comedy independent film written and directed by Jeremy Culver as his second narrative feature and starring George Blagden, Charleene Closshey, Robbie Kay, Stelio Savante, with Michael Beach and Raymond J. Barry. The film integrates current political happenings — including the Silk Road, hacktivism, and cyberterrorism — into a dramedy set in Plant City, Florida.
The Dark Overlord is an international hacker organization which garnered significant publicity through cybercrime extortion of high-profile targets and public demands for ransom to prevent the release of confidential or potentially embarrassing documents.
Nano is a cryptocurrency characterized by a directed acyclic graph data structure and distributed ledger, making it possible for Nano to work without intermediaries. To agree on what transactions to commit, it uses a voting system with weight based on the amount of currency an account holds.
Jim Browning is the Internet alias of a software engineer and YouTuber from Northern Ireland whose content focuses on scam baiting and investigating call centres engaging in fraudulent activities.
On July 15, 2020, between 20:00 and 22:00 UTC, 130 high-profile Twitter accounts were reportedly compromised by outside parties to promote a bitcoin scam. Twitter and other media sources confirmed that the perpetrators had gained access to Twitter's administrative tools so that they could alter the accounts themselves and post the tweets directly. They appeared to have used social engineering to gain access to the tools via Twitter employees. Three individuals were arrested by authorities on July 31, 2020, and charged with wire fraud, money laundering, identity theft, and unauthorized computer access related to the scam.
Cryptojacking is the act of exploiting a computer to mine cryptocurrencies, often through websites, against the user's will or while the user is unaware. One notable piece of software used for cryptojacking was Coinhive, which was used in over two-thirds of cryptojacks before its March 2019 shutdown. The cryptocurrencies mined the most often are privacy coins—coins with hidden transaction histories—such as Monero and Zcash.
Lapsus$, stylised as LAPSUS$ and classified by Microsoft as Strawberry Tempest, was an international extortion-focused hacker group known for its various cyberattacks against companies and government agencies. The group was globally active, and has had members arrested in Brazil and the UK.
OGUsers (OGU) is an internet forum that facilitates the discussion and buying of social media accounts and online usernames. Established in 2017, the website is dedicated to the buying and selling of "rare" or "OG" online accounts that are considered valuable due to their name or age. The website acts as a platform for cybercrime and the harassment of individuals for access to their online accounts. Several high-profile incidents have been linked to the forum, most notably the 2020 Twitter account hijacking.