The Twitter profiles were used to post messages asking their millions of followers to send Bitcoin to accounts associated with Clark.
Court papers suggest Fazeli and Sheppard got involved in the scheme after Clark dangled the possibility of obtaining so-called OG Twitter handles, short account names that due to their brevity are highly prized and considered status symbols in a certain milieu.
Nima Fazeli, a 22-year-old man from Orlando, Florida, was charged with aiding and abetting access of a protected computer.
Mason "Chaewon" Sheppard, a 19-year-old from Bognor Regis, U.K., also was charged in California with conspiracy to commit wire fraud, money laundering and unauthorized access to a computer.
Watch above via the Hillsborough Attorney's Office.
Graham Clark has reportedly been charged with 30 felonies of communications and organized fraud for scamming hundreds of people using compromised accounts. Clark's arrest report is available here (PDF).
After stealing employee credentials and getting into Twitter's systems, the hackers were able to target other employees who had access to account support tools, the company said. We have zero tolerance for misuse of credentials or tools, actively monitor for misuse, regularly audit permissions, and take immediate action if anyone accesses account information without a valid business reason.
Clark faces 30 counts of fraud and unauthorized access of a device related to taking over accounts of prominent celebrities and brands, including Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos and Apple and Uber.
Clark managed to collect more than $100,000 in Bitcoin in just one day, the attorney's office confirmed.
A 17-year-old teen and two other 19 and 22-year-old individuals have reportedly been arrested for being the alleged mastermind behind the recent Twitter hack that simultaneously targeted several high-profile accounts within minutes as part of a massive bitcoin scam. "They then targeted 130 Twitter accounts - Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7".
The next day, those accounts transfered almost all of the digital currency, in 11 transfers, to other Bitcoin wallets, in an effort to hide or launder the money, according to government filings. As a last resort, they blocked verified accounts from tweeting on the platform.
The person who shared that information was the principal subject of my July 16 post, which followed clues from tweets sent from one of the accounts claimed during the Twitter compromise back to a 21-year-old from the United Kingdom who uses the nickname PlugWalkJoe.
The criminal complaints says the Twitter attack consisted of a combination of technical breaches and social engineering. PlugWalkJoe is pictured here chatting with Ever So Anxious/Chaewon/Mason using his Discord username "Beyond Insane". The defendants are alleged to have victimised the people who sent bitcoin in response to the scam solicitations'. "I can't comment on whether he worked alone", Warren said.