Twitter 2020 hacker extradited to U.S. and pleads guilty

Twitter 2020 hacker extradited to U.S. and pleads guilty

Joseph O’Connor, the British national responsible for the 2020 Twitter breach, has been extradited to the United States. He pled guilty to various digital crimes in this court. The United States Attorney’s Office for the Southern District of New York stated this on Tuesday, May 9, 2023.

O’Conner, also known online as PlugWalkJoe, was taken into custody by the Spanish National Police in Estepona, Spain, in July 2021. The Federal Bureau of Investigation (FBI) requested this arrest. He was accused of numerous charges of conspiracy and knowingly gaining unauthorised access to a computer. The Twitter attack exposed the accounts of major cryptocurrency exchanges as well as important cryptocurrency Twitter accounts. He also included accounts from Elon Musk, Warren Buffett, Kanye West, President Joe Biden, and former President Barack Obama. 

At least 130 high-profile Twitter accounts were hacked and used to promote Bitcoin scams that won the hackers around $120,000. The accounts all tweeted a bitcoin scheme in which they promised to double senders’ bitcoin if they delivered it to a specified address. O’Conner was the fourth person arrested in connection with the hack. 

In addition, he faces accusations in the Southern District of New York of conspiracy to commit computer hacking. This is in relation to O’Connor and his co-conspirators’ fraudulent attempt to carry out a cyber intrusion strategy known as a SIM swap attack. The hack enabled them to steal around $794,000 in cryptocurrencies from a Manhattan-based cryptocurrency firm. And then subsequently launder the profits (the “SDNY Case”).

A SIM switch attack occurs when cyber threat actors obtain control of a victim’s mobile phone number by attaching it to a subscriber identity module (“SIM”) card owned by the threat actors. The victim’s calls and texts are then diverted to a malicious unauthorised device controlled by the threat actors.  The threat actors will then often utilise control of the victim’s mobile phone number. This helps them to gain unauthorised access to the victim’s accounts that are registered to the mobile phone number.

U.S. Attorney Damian Williams said: “Joseph O’Connor, a/k/a “PlugwalkJoe,” used his sophisticated technological abilities for malicious purposes – conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim.

Attacks on the crypto industry are increasing in number. This may be due to the lack of rules and regulations for the industry. But, attacks on wallets and chains of major firms like Euler, SushiSwap, Platypus etc. have been seen. People are also going back to hard wallets to keep their crypto safe from attacks on big exchanges. According to reports by DeFi Llamma, over $20 million have been stolen from the digital currency market in the year.