A British national, who was extradited to the United States last month, has admitted his involvement in one of the most significant social media hacks in history. The Twitter breach, which occurred in July 2020, impacted more than 130 accounts, including those belonging to Barack Obama and Joe Biden.
Identified as Joseph James O’Connor, also known as PlugwalkJoe, the 23-year-old pleaded guilty to multiple hacking charges that carry a maximum combined sentence of over 70 years in prison. The extensive hack was orchestrated as part of a large-scale Bitcoin scam.
O’Connor, who was extradited from Spain, hijacked numerous Twitter accounts and dispatched tweets urging followers to send bitcoin to a specific account, falsely promising to double their funds.
Charges related to the scam were also brought against three other individuals. In 2021, US teenager Graham Ivan Clark pleaded guilty, while Nima Fazeli of Orlando, Florida, and Mason Sheppard of Bognor Regis in the UK faced federal crimes charges.
Assistant Attorney-General Kenneth Polite Jr., of the United States, described O’Connor’s actions as “flagrant and malicious.” Polite emphasized that O’Connor had inflicted significant emotional harm on his victims through harassment, threats, and extortion.
Polite further stated, “Like many criminals, O’Connor attempted to maintain anonymity by utilizing computers, stealth accounts, and aliases from outside the United States. However, this plea demonstrates that our investigators and prosecutors possess the capabilities to identify, locate, and ensure the prosecution of such offenders, holding them accountable for their crimes.”
In 2020, approximately 350 million Twitter users witnessed suspicious tweets originating from verified accounts of prominent platform users. Sadly, thousands of individuals fell victim to a cryptocurrency giveaway scam, placing their trust in what they believed to be genuine.
Experts in the field of cybersecurity unanimously agreed that the repercussions of the Twitter hack could have been far more severe had the perpetrators possessed plans more sophisticated than a mere get-rich-quick scheme.
The breach had the potential to disseminate disinformation that could have impacted political discourse, while carefully crafted fake business announcements could have influenced markets, leading to significant consequences.
The incident served as a stark reminder of the fragile state of Twitter’s security at the time. The hackers employed social engineering tactics reminiscent of seasoned con artists rather than sophisticated cybercriminals, managing to gain access to the powerful internal control panel of the platform.
Undoubtedly, the Twitter hack stands as a deeply embarrassing chapter in the troubled history of the platform.
While Joseph James O’Connor’s admission of guilt does not come as a surprise, the wealth of evidence in the public domain played a significant role in confirming his involvement. The hackers’ careless errors and boisterous post-hack celebrations contributed to the accessibility of incriminating information.
In addition to the Twitter hack, O’Connor pleaded guilty to other hacking offenses, including unauthorized access to a prominent TikTok account. Through a video posted on that account, O’Connor’s distinct voice was identifiable as he proceeded to threaten the release of “sensitive, personal material” pertaining to the account owner among participants of a Discord group.
The US Department of Justice also revealed that O’Connor had utilized technology to stalk a minor, further adding to the list of charges against him.