Porn-wielding Zoom bombers disrupt Twitter hack court hearing

“It’ll never stand up in court!”

Graham Cluley
@gcluley

17-year-old Graham Clark, of Tampa, Florida, was charged and arrested last week for his alleged role in the Twitter mega-hack which saw celebrity accounts including Bill Gates, Elon Musk, Barack Obama, Joe Biden, and others tweet out a cryptocurrency scam.

A bail hearing for teenager Clark took place at the Thirteenth Judicial Circuit Court of Florida in Tampa yesterday. Virtually, of course. After all, there’s a global pandemic going on.

Which meant that the hearing was held over Zoom.

And, as Brian Krebs reports, that’s where the problems started:

Even before the hearing officially began it was clear that the event would likely be “zoom bombed.” That’s because while participants were muted by default, they were free to unmute their microphones and transmit their own video streams to the channel.

Sure enough, less than a minute had passed before one attendee not party to the case interrupted a discussion between Clark’s attorney and the judge by streaming a live video of himself adjusting his face mask. Just a few minutes later, someone began interjecting loud music.

It became clear that presiding Judge Christopher C. Nash was personally in charge of administering the video hearing when, after roughly 15 seconds worth of random chatter interrupted the prosecution’s response, Nash told participants he was removing the troublemakers as quickly as he could.

What could be worse than that? Well….

What transpired a minute later was almost inevitable given the permissive settings of this particular Zoom conference call: Someone streamed a graphic video clip from Pornhub for approximately 15 seconds before Judge Nash abruptly terminated the broadcast.

Some folks shared the offending part of the Zoom call where some porn clips were played on social media. Frankly I’m not that keen to embed it on my website, but if you really must see it here’s a link to a tweet.

Clearly the judge didn’t read our instructions on how to host safer Zoom meetings – which includes instructions on setting “Screen sharing” to “Host only,” having an assistant co-host the call and chuck out any offenders, and not allowing users to unmute themselves.

If anyone is still reading this rather than checking out the tweet, I’ll add that Ars Technica reports that the judge set Graham Clark’s bail at $725,000.

Sign up to our newsletter
Security news, advice, and tips.

According to lawyers, teenage Clark has $3 million worth of Bitcoin under his control.

For more discussion of how the alleged Twitter hackers were caught, listen to this episode of the “Smashing Security” podcast:

Smashing Security #190: 'Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition'

Your browser does not support this audio element. https://aphid.fireside.fm/d/1437767933/dd3252a8-95c3-41f8-a8a0-9d5d2f9e0bc6/39e3d66d-c595-4c0d-a732-ffa187c1348a.mp3

Listen on Apple Podcasts | Google Podcasts | Pocket Casts | Spotify | Other... | RSS
More episodes...

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.