Twitter Hack Orchestrated by Young Hacker Who Lives with Mother

One of the hackers who managed to hijack more than 130 Twitter accounts of global figures is reportedly a teenager who lives with his mother in the United Kingdom.

The social network's security team is investigating the cyberattack which is believed to have exploited an internal system to spread a cryptocurrency scam. Among the victims were Elon Musk, Bill Gates, Kanye West, Kim Kardashian, Joe Biden, Barack Obama and many others.

Their millions of followers were told on Wednesday that they could double their Bitcoin "for the next 30 minutes" which duped some into sending payments.

According to an investigation by The New York Times, one of the people involved was a 19-year-old working from his home in the south of England.

Twitter logo
The Twitter logo is seen on a phone in this photo illustration in Washington, DC, on July 10, 2019. ALASTAIR PIKE/Getty Images

The paper said that the teenager, known as 'lol' and another hacker called "ever so anxious" were approached by a ringleader who went by the moniker "Kirk" to sell high profile Twitter handles.

The paper has seen logs and screenshots of four people involved with the scheme, which it says indicated that the attack was not done by a single country like Russia, but by a group of young people who got to know each other because of their interest in owning unusual screen names, in particular those with one letter or number like @y or @6.

The user "lol" did not confirm his identity, claiming that he was in his 20s and lived on the West Coast of the U.S. However the user "ever so anxious" said in fact he was a 19-year-old who lived in southern England with his mother.

The paper suggested that the hackers got access to credentials that had been shared on the social media giant's Slack messaging channel.

On Saturday, Twitter confirmed that the hackers used tools that only its staff should have had access to, and that the perpetrators had downloaded data from up to eight accounts, whose identities it has not named.

It said that for 45 of the 130 accounts, attackers were able to reset the password, login and send Tweets. The attackers were also able to see personal information such as email addresses and phone numbers but were unable to view previous account passwords.

"We are continuing our investigation of this incident, working with law enforcement, and determining longer-term actions we should take to improve the security of our systems," Twitter said in a statement on its blog.

"We have multiple teams working around the clock focused on this and on keeping the people who use Twitter safe and informed," it added.