Twitter Hacker Goes To Jail

Uploaded on 2023-07-05 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-Law

A British man who hacked famous Twitter accounts as part of a Bitcoin scam has been jailed in the US he has been involved in hacking schemes targeting crypto-currency wallets, Twitter accounts, and other social media accounts.

Joseph O'Connor, from Liverpool, took control more than 130 Twitter accounts in July 2020. The victims  included Barack Obama, Joe Biden, Jeff Bezos, Mike Bloomberg, Bill Gates and Elon Musk.

The 24-year-old hacker pleaded guilty to the charges of conspiracy to commit computer intrusions, wire fraud, and money laundering, computer intrusion, extortion, stalking, and making threats in May. He pleaded guilty to various charges, including SIM swapping attacks resulting in the theft of $794,000 worth of crypto-currency and participating in a scheme targeting high-profile Twitter accounts. 

As part of the attack, the perpetrator took over the phone numbers of three executives at the victim company to gain access to accounts and computers and steal crypto-currency from wallets maintained on behalf of two clients.

O’Connor also used SIM swapping to access unauthorised accounts on TikTok and Snapchat and engaged in stalking and swatting activities. He has now been sentenced to a five years prison sentence for cyber crimes, and ordered to pay forfeiture of $794,000, according to the US Attorney's Office in the southern district of New York. 
This hacking attack was part of a major Bitcoin scam that generated tweets asking followers to send Bitcoin to an account, promising to double their money.

As a result of the fraud, an estimated 350 million Twitter users viewed suspicious tweets from official accounts of some of the platform's biggest users, including Apple, Uber, Kanye West and Bill Gates. Thousands were duped into believing that a crypto giveaway was real.

O'Connor, who named himself PlugwalkJoe, was arrested 2 years ago and has been extradited from Spain to the US in April 2023 and in May he pleaded guilty to hacking charges that carried a total maximum sentence of more than 70 years. Three other men have been charged over the scam, with US teenager Graham Clark pleading guilty to his part in the deception in 2021.

The hackers telephoned a small number of Twitter employees with a believable tale to convince them to hand over their internal login details, which eventually granted them access to Twitter's administrative tools. They managed to use social engineering tricks, more akin to conmen than high-level cyber-criminals, with the aim to get access to the powerful internal control panel at the site.

In a statement, US Assistant Attorney-General Kenneth Polite Jr described O'Connor's actions as "flagrant and malicious", saying he had "harassed, threatened and extorted his victims, causing substantial emotional harm".
The US justice department also said O'Connor admitted other hacking crimes including gaining access to a high-profile TikTok account and stalking a minor.

The attacks, which unfolded over the course of several hours in July 2020, rocked Twitter and prompted the company to take the unprecedented measure of stopping all verified accounts from tweeting. He has been ordered to pay almost $800,000 in forfeiture, the US justice department said.

US Dept. of Justice:      BBC:      Oodaloop:    Security Week:     Daily Mail:    Liverpool World:    Guardian

Image: Umanoide on Unsplash

You Might Also Read: 

For Sale: 5.4m Twitter Users’ Data:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« A Brief History Of Artificial Intelligence & Its Potential Future
Financial Services Cyber Compliance Is About To Get Harder »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

UM Labs

UM Labs

UM Labs is a developer of security products for Voice over IP (VoIP), protecting SIP trunk connections, safeguarding mobile phone communications and enabling BYOD.

Horangi

Horangi

Horangi provides security products and services that enable the rapid delivery of Incident Response and threat detection for our customers who lack the scale, expertise, or time to do it themselves.

Forensic Pathways

Forensic Pathways

Forensic Pathways focus on the provision of digital forensic technologies, offering clients unique technologies in the management of mobile phone data, image analysis and ballistics analysis.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

Intrinsyc Technologies

Intrinsyc Technologies

Intrinsyc provides product development services and Edge Computing modules that are helping to take the Internet of Things products to the next level.

Humming Heads

Humming Heads

Humming Heads offers a complete solution to fight the advanced threats that target a company's endpoints and servers.

BlackScore

BlackScore

BlackScore is a technology company seeking to disrupt risk assessment using AI-driven technology.

Vulcan Cyber

Vulcan Cyber

At Vulcan, we’re modernizing the way enterprises reduce their cyber risk. From detection to resolution, we automate and orchestrate the vulnerability remediation process dynamically and at scale.

Cynance

Cynance

Cynance are an award-winning, independent cyber security specialist and part of the Transputec family of companies.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Curatrix Technologies

Curatrix Technologies

Curatrix Technologies is a Managed IT Service provider based in Hampshire, UK, providing high quality and reliable Managed IT Services since 2015.

Rezonate

Rezonate

Rezonate discovers, profiles, and protects Identities and their entire access journey to cloud infrastructure and critical SaaS applications. Preventing and stopping cyberattacks.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.

Badge

Badge

Badge authenticates you on-demand for every application, on any device, without storing any secrets.