Authorities have arrested an individual who is allegedly part of The Chuckling Squad, a hacker group that in August compromised the Twitter account of Twitter CEO Jack Dorsey, according to law enforcement and criminal sources. The group also claimed responsibility for hacks of other celebrities, including actress Chloë Grace Moretz.
The alleged member was arrested around two weeks ago, one of the leaders of The Chuckling Squad, who goes by the handle Debug, told Motherboard. Motherboard is not naming the individual because they are a minor.
"He was a member of Chuckling Squad but not anymore. He was an active member for us by providing celebs/public figure [phone] numbers and helped us hack them," Debug said. Debug said the group kicked out the member in October.
"We applaud the efforts of all the law enforcement agencies involved in this arrest," the Santa Clara County District Attorney’s Office, which manages the Regional Enforcement Allied Computer Team (REACT), told Motherboard in an email when asked about the arrest of the individual allegedly part of the group involved in the Dorsey hack. "REACT continues to work with and assist our law enforcement partners in any way we can. We hope this arrest serves as a reminder to the public that people who engage in these crimes will be caught, arrested and prosecuted."
When Chuckling Squad hacked Dorsey's account, the group posted a series of bomb threats and racist messages, and retweeted anti-semitic material. The hack relied on a technique called SIM-swapping, where hackers, either in person at a store or on the phone, will trick a wireless provider like T-Mobile or Verizon into giving control of a phone number. From here, hackers can receive two-factor authentication SMS codes, or in the case of Dorsey, post tweets via Twitter's now-defunct text-to-tweet functionality.
In that hack, the individual obtained Dorsey's phone number, Debug said. The rest of the hack was completed by themselves and other Chuckling Squad leaders known as Aqua and NuBLoM, Debug said. The individual told Motherboard they had been arrested, but denied involvement in the Dorsey hack.
Do you know anything else about this arrest? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on firstname.lastname@example.org, or email email@example.com.
Over the past year, law enforcement agencies have ramped up their arrests of SIM-swappers, as the attacks have been used to carry out SWATing threats, the theft of cryptocurrency, and the illegal hacking of accounts themselves. REACT, a task force of multiple police forces in California, has been particularly focused on SIM-swapping.
Debug claimed the individual was responsible for a number of other attacks, including one on Santa Clara County Deputy District Attorney Erin West. Debug provided a screenshot of a text message they say the person sent to West, which included the hashtag "#FreeJoelOrtiz," a reference to a SIM-swapper that West convicted. Ortiz accepted a plea deal of 10 years in prison after stealing more than $5 million worth of cryptocurrency.
The individual's motivations, meanwhile, weren't necessarily financial.
"He would be weird," Debug said. "Swatting celebrities for a follow back."
A Twitter spokesperson told Motherboard in an email, "We have no comment."
Update: This piece has been updated to include that NuBLoM was also involved in the Dorsey hack; this is corroborated by a screenshot from the time of the hack.
Subscribe to our cybersecurity podcast, CYBER.