Joseph James O’Connor, a 23-year-old British citizen extradited from Spain to the United States on April 26, pleaded guilty to multiple charges, including hacking the social media platform Twitter in 2020.
O’Connor, who also uses the online name PlugwalkJoe, has been charged with stealing cryptocurrencies worth $794,000 from a Manhattan-based company through a SIM Swap attack. U.S. prosecutors said O’Connor would forfeit the funds and pay his victims restitution.
Besides, O’Connor has been indicted for hacking Twitter and Tik Tok accounts and promoting fraudulent schemes. He has pleaded guilty to all these charges, and he may face a maximum sentence of 77 years on all counts of charges.
“Joseph O’Connor, a/k/a “PlugwalkJoe,” used his sophisticated technological abilities for malicious purposes – conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim,” U.S. Attorney Damian Williams said in a statement.
O’Connor’s malicious exploits included hacking of verified Twitter accounts of Tesla CEO Elon Musk and Joe Biden, a presidential candidate at that time. In addition, Reuters said the Twitter accounts of Barack Obama, Bill Gates, Benjamin Netanyahu, Jeff Bezos, Kim Kardashian, Kanye West, and Michael Bloomberg were also affected.
The news agency added that he used these accounts with millions of followers to solicit digital currency, forcing Twitter to stop publishing messages from these profiles for several hours until those were thoroughly sanitized and secured.
Scams on the Rise
A recent FBI report revealed that U.S. citizens lost over $10 billion in online frauds in 2022, out of which $2.57 billion was drained by various crypto investment scams. Hackers often break into famous individuals’ social media accounts, promote fraudulent crypto investment schemes, and prey on unsuspecting investors. In 2021, U.S. citizens lost only $907 million in crypto scams.
Scams through verified Twitter accounts increased notably ahead of Ethereum Merge. Amid the hype and excitement during the transition, in one instance, malicious entities hacked the official Twitter handle of Go First Airline and changed it to vitalik.eth. The display picture was also replaced with that of Vitalik Buterin. The compromised account then promoted a fake giveaway scam of $100,000 ETH.