17-year-old Graham Ivan Clark, of Tampa, Florida, was charged and arrested last week for his alleged role in the Twitter mega-hack which saw celebrity accounts including Bill Gates, Elon Musk, Barack Obama, Joe Biden, and others tweet out a cryptocurrency scam.
A bail hearing for teenager Clark took place at the Thirteenth Judicial Circuit Court of Florida in Tampa yesterday. Virtually, of course. After all, there’s a global pandemic going on.
Which meant that the hearing was held over Zoom.
And, as Brian Krebs reports, that’s where the problems started:
Even before the hearing officially began it was clear that the event would likely be “zoom bombed.” That’s because while participants were muted by default, they were free to unmute their microphones and transmit their own video streams to the channel.
Sure enough, less than a minute had passed before one attendee not party to the case interrupted a discussion between Clark’s attorney and the judge by streaming a live video of himself adjusting his face mask. Just a few minutes later, someone began interjecting loud music.
It became clear that presiding Judge Christopher C. Nash was personally in charge of administering the video hearing when, after roughly 15 seconds worth of random chatter interrupted the prosecution’s response, Nash told participants he was removing the troublemakers as quickly as he could.
Well perhaps unsurprisingly the accused Twitter hacker-Bitcoin thief’s first (virtual) hearing was shut down within 25 minutes due to relentless Zoombombing. (It ended a minute after this when someone screenshared a Porn Hub video.) pic.twitter.com/fGiceq4WfN
— Jen Wieczner (@jenwieczner) August 5, 2020
What could be worse than that? Well….
What transpired a minute later was almost inevitable given the permissive settings of this particular Zoom conference call: Someone streamed a graphic video clip from Pornhub for approximately 15 seconds before Judge Nash abruptly terminated the broadcast.
Some folks shared the offending part of the Zoom call where some porn clips were played on social media. Frankly I’m not that keen to embed it on my website, but if you really must see it here’s a link to a tweet.
Clearly the judge didn’t read our instructions on how to host safer Zoom meetings – which includes instructions on setting “Screen sharing” to “Host only,” having an assistant co-host the call and chuck out any offenders, and not allowing users to unmute themselves.
If anyone is still reading this rather than checking out the tweet, I’ll add that Ars Technica reports that the judge set Graham Clark’s bail at $725,000.
According to lawyers, teenage Clark has $3 million worth of Bitcoin under his control.
For more discussion of how the alleged Twitter hackers were caught, listen to this episode of the “Smashing Security” podcast:
Smashing Security #190: 'Twitter hack arrests, email bad behaviour, and Fawkes vs facial recognition'
Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...