Joseph O’Connor, better known by his online alias PlugWalkJoe, was apprehended in Spain in 2021. His arrest resulted from his involvement in the 2020 Twitter hack that garnered widespread attention for its audacity and high-profile targets.
Extradition and Guilty Plea: O’Connor’s Fate Sealed
The United Kingdom national, Joseph O’Connor, was extradited to the United States after his arrest. Once in the U.S., he pleaded guilty to numerous cybercrime charges, according to an announcement from the U.S. Attorney’s Office Southern District of New York (SDNY).
O’Connor’s guilty plea illustrated the extent of his cybercriminal activities, which included a complex SIM swap attack, hacking Twitter, conducting computer intrusions to hijack social media accounts, and even cyberstalking two individuals, one of whom was a minor.
The 2020 Twitter Hack: A Scam with High-Profile Targets
Several prominent Twitter accounts were compromised during the infamous 2020 Twitter hack. The attackers utilized these accounts to propagate a Bitcoin giveaway scam. Despite enabling multi-factor authentication on some of the targeted accounts, the hackers managed to conceal scam warning responses from influential figures like Binance CEO Changpeng Zhao. Ultimately, their fraudulent activities accumulated approximately 11.3 BTC ($103,960).
Florida resident Graham Ivan Clark, a 17-year-old accomplice of O’Connor at the hack, was apprehended in March 2021. He was subsequently tried as a young offender due to his age.
O’Connor, who is now 23, also faced charges from the SDNY and pleaded guilty for his involvement in SIM-swapping attacks. These attacks targeted high-ranking executives in the cryptocurrency sector and led to the theft of roughly $794,000 in digital assets. A big payday for PlugWalkJoe, although one with severe consequences.
PlugWalkJoe Targeted Crypto Companies and Telecoms’ Security Vulnerabilities
While the SDNY did not disclose the name of the company that fell victim to O’Connor’s schemes, it did mention it was involved in providing wallet infrastructure and related software to the cryptocurrency industry.
Similar attacks have targeted other companies in this sector, such as BlockFi. As a result, telecom providers like AT&T and T-Mobile have faced lawsuits from affected individuals due to the lack of adequate internal security measures that could have prevented these attacks.