UK citizen pleads guilty to Twitter 2020 hack

Published: 10 May 2023
Twitter check mark
Image by Shutterstock.

A UK citizen extradited to the US from Spain pleaded guilty to his role in SIM-swapping attacks to steal cryptocurrencies, the Twitter 2020 hack, and cyberstalking.

In 2020, Joseph James O’Connor, aka PlugwalkJoe, 23, participated in a conspiracy to steal Twitter accounts. In some cases, he and his accomplices abused those accounts to defraud other Twitter users directly. In other cases, the stolen accounts were sold to various threat actors.

ADVERTISEMENT

O’Connor’s co-conspirators relied on social engineering techniques to gain unauthorized access to the administrative tools used by Twitter to maintain its operations.

The Twitter 2020 hack affected around 130 user accounts, including those of Elon Musk, Barack Obama, and Joe Biden.

According to the Department of Justice (DoJ), O’Connor also managed to steal a highly visible TikTok account belonging to a public figure with millions of followers. The account was stolen via a SIM-swap attack.

“O’Connor used his unauthorized access to the victim’s platform to post self-promotional messages, including a video in which O’Connor’s voice is recognizable. O’Connor also stated publicly, via a post to the victim’s TikTok account, that he would release sensitive, personal material related to the victim to individuals who joined a specified Discord server.

O’Connor also targeted another public figure, this time on Snapchat, to steal private images. O’Connor, along with his accomplices, threatened the victim with a public release of those images unless they agreed to publicly post messages related to O’Connor’s online persona, among other things.

O’Connor was also accused of threatening a minor victim. He called a local police department claiming the victim threatened to shoot people, hoping for a law enforcement response.

“That same day, O’Connor placed another call to the same police department and stated that he was planning to kill multiple people at the same address. In response to that call, the department dispatched every on-duty officer to that address in reference to an armed and dangerous individual. O’Connor sent other swatting messages that same day to a high school, a restaurant, and a sheriff’s department in the same area,” the DoJ said.

According to law enforcement, O’Connor and his co-conspirators also engaged in a massive SIM-swapping scheme to steal nearly $800,000 worth of cryptocurrency from a Manhattan-based cryptocurrency company, not named in the press release by DoJ.

ADVERTISEMENT

“After stealing and fraudulently diverting the stolen cryptocurrency, O’Connor and his co-conspirators laundered it through dozens of transfers and transactions and exchanged some of it for Bitcoin using cryptocurrency exchange services. Ultimately, a portion of the stolen cryptocurrency was deposited into a cryptocurrency exchange account controlled by O’Connor.”

O’Connor pleaded guilty to his role in cyberstalking and hacking schemes, agreed to forfeit over $794,000, and to make restitution to victims of his crimes. O’Connor is scheduled to be sentenced on June 23rd.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT