The Teenager Who Hacked Twitter and Stole Millions: The Story of Graham Ivan Clark

This blog digs into the world of a teenager named Graham Ivan Clark who had allegedly hacked Twitter and stole millions in Bitcoin. Have a read!

The Beginning

“Feeling greatful, doubling all payments sent to my BTC address! You send $1,000, I send back $2,000!” — said Elon Musk.

“All Bitcoin sent to our address below will be sent back to you doubled!” — said Apple.

“All payments sent to our address below will be sent back doubled.” — said Uber.

Except that none of those individuals or companies ever said those things. It was all allegedly said by a teenager named Graham Ivan Clark; a teenager who, at the age of 16, was alleged to have stolen around 164 bitcoins (around 1.2 million USD in 2019 and around 10.3 million USD nowadays) from an investor based in Seattle, and masterminded the Twitter account hijacking — the so-called Twitter bitcoin scam where more than a hundred accounts of prominent celebrities and companies were accessed to extract Bitcoin from victims — in 2020.

Open’s Career in Minecraft, The Bitcoin Scam, and the Alleged Twitter Hack

The name of Graham Ivan Clark rose to fame — or, rather, to infamy — after he was arrested for the alleged Twitter hack in late July of 2020. The Twitter hack looked like this:

Similar messages were shared across multiple other prominent Twitter accounts including the Twitter accounts of former President of the US Barack Obama, Elon Musk, Jeff Bezos, Kanye West, Joe Biden, Apple, Uber, and others. The hack was said to be one of the biggest Twitter hacks in history, but in fact, the Twitter accounts themselves didn’t have their passwords cracked or anything; it is said that the nefarious parties behind the Twitter hack had used social engineering against Twitter employees thus gaining access to the administrative tools behind Twitter and thus, were able to access the accounts of many prominent celebrities — the Twitter hack was organized with the help of social engineering.

Twitter itself didn’t suffer a data breach; many allege that this was all done by utilizing the means of social engineering and the statement by Twitter (shown above) only confirms these suspicions.

At the same time, the perpetrator of this attack was said to be 17-year-old Graham Ivan Clark at the time — some say that Graham Ivan Clark started his career as early as 2017 via a Twitter account and a YouTube channel. The teenager was said to also be an avid Minecraft player selling capes to Minecraft users, some of which were worth hundreds of dollars, and some say that he’d scam people after receiving the money — never providing them with the goods they’ve purchased access to. Graham Ivan Clark was allegedly known as Open or OpenHCF on various communities he’d registered for — and if we take a deeper look, it doesn’t take long to find videos that accuse Open of scamming people/customers.

The Twitter Hack, OGUsers, and Cryptocurrency

Graham Ivan Clark is said to be behind the notorious 2020 Twitter hack stealing Bitcoin from unsuspecting “donators”, and some sources also claim that he was active on a forum called OGUsers.

The purpose of the OGUsers forum was to facilitate trading related to “OG” (short, memorable phrases that depict various things) usernames between users of various platforms. The problem behind the OGUsers forum is that users of that forum were said to be hacking accounts and selling access to the OG usernames that way — though, it’s said that in the specific Twitter scenario, the hacker soon realized that if he could gain access to someone’s phone number (some Twitter accounts have phone numbers linked to them), he could access an email address belonging to the victim, and from there, gain access to financial details, whether that would be bank accounts or cryptocurrency wallets.

Such attacks are precisely the reason why in the cryptocurrency world, it’s ill-advisable to talk about your crypto investment gains: as cryptocurrencies are decentralized and there’s no central “bank” that holds your crypto assets, you essentially become the bank and thus, run the risk of losing all of your cryptocurrency assets.

SIM Swapping, More Bitcoin Scams, and the Takedown

It is said that precisely such attacks are said to have paved the way for Graham Ivan Clark’s SIM swapping capabilities — since SIM swapping is an attack where an attacker would call a telecommunication company and somehow convince them that he is the original owner of the SIM card and that take over the operations related to the SIM card, an attacker would need a lot of additional details on the victim, and since Graham would have access to the victim’s social media accounts as well as the email account, the information was easily obtainable. A little social engineering here and there, and we’re done… How convenient is that?

Some say that it is using such or similar methods that Graham Ivan Clark was able to access and drain Gregg Bennett’s cryptocurrency accounts and steal around 164 BTC from a cryptocurrency wallet. It is said that after noticing what had happened, Gregg contacted the telephone company, explained the situation, recovered access to his phone number (thus minifying the harm of the SIM swapping attack), and then used access to that phone number to remove access to his cryptocurrency wallets to any third parties.

It didn’t end here — since Graham Ivan Clark was alleged to have wanted to access all of the bitcoin in his victim’s wallet but couldn’t due to daily withdrawal limits or other issues, the attacker has sent an email to his victim saying that the situation can be resolved if he just sends X amount of BTC to a specified Bitcoin address. It remains unknown whether the victim has provided the attacker with more Bitcoin.

Finally, after Graham Ivan Clark came to the attention of law enforcement authorities, they arrested him. It is said that law enforcement was able to confiscate around 400 BTC (around 25.2 million USD at the present moment), and the game was over.

Summary

The Twitter hack in 2020 wasn’t an ordinary one — it was allegedly conducted after a successful social engineering attack by a teenager named Graham Ivan Clark.

Graham was also allegedly involved in a massive Bitcoin theft from an investor in Seattle, but his hacking “career” quickly came crashing down after law enforcement launched an investigation into his behavior.

We do hope that Graham Ivan Clark has been given a chance to redeem himself and think about his actions and that he won’t be conducting similar behavior in the future.

We hope that this story has been interesting, don’t forget to follow us on X (Twitter), LinkedIn, and Facebook for more updates, watch out for impersonators of BreachDirectory (our domain ends with .com), and until next time.

FAQ

Who is Graham Ivan Clark?

Graham Ivan Clark is said to be one of the masterminds behind the massive 2020 Twitter hack — allegedly, the same person is said to have masterminded a massive Bitcoin theft from an investor based in Seattle.

What Happened to Graham Ivan Clark?

It is said that Graham Ivan Clark was arrested in late July 2020 after an investigation by law enforcement authorities. He was sentenced to jail and released in 2023.

How Did Hackers Orchestrate the 2020 Twitter Hack?

The 2020 Twitter hack was said to have been orchestrated by using social engineering measures targeting Twitter employees rather than technical hacking techniques. No Twitter database leaks were reported during this incident.

What is SIM Swapping?

SIM swapping refers to an attack where a nefarious party associates a phone number with a different SIM card by using social engineering techniques after calling the telecommunications company that is being used by the victim.