Twitter hacker who took over Musk, Obama, Biden accounts in 2020 gets prison sentence

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

A British hacker behind the 2020 takeover of the Twitter accounts of Elon Musk, Barack Obama, Joe Biden, and several other personalities as part of a Bitcoin scam has been sentenced to five years in prison.

The hacker, 24-year-old Joseph O’Connor from Liverpool, took over nearly 130 accounts in July 2020, and pleaded guilty to charges of hacking these profiles last month.

He was extradited from Spain on 26 April to face charges and now the US Attorney’s Office in the southern district of New York has sentenced him to five years for cyber crimes.

In May, the hacker pled to four counts of computer hacking, wire fraud, and cyberstalking, according to Tech Crunch.

The US justice department accused Mr O’Connor of participating in the exploitation of social media accounts, as well as online extortion and cyberstalking.

The hacker, known as PlugwalkJoe online, has also been ordered to pay nearly $800,000 to the victims of his crimes.

He had participated in the exploitation of social media accounts, as well as online extortion, using social engineering tricks to get access to Twitter accounts.

New York’s Department of Financial Services investigated and found that the hackers had called Twitter employees, claiming to be the IT department.

Another hacker Graham Ivan Clark – known as Kirk – reportedly used this access to hijack and reassign Twitter accounts.

Using stolen accounts, hackers sent out tweets asking followers to send bitcoin to an account, promising to double their money.

Mr O’Connor also pled guilty of using a cyber intrusion technique called a “SIM swap attack” to steal cryptocurrency from a Manhattan-based company and then to launder the proceeds of the scheme.

In this mode of cyber attack, hackers gain control of a victim’s mobile phone number by linking that number to a SIM card controlled by the threat actors.

This leads to the victim’s calls and messages being routed to a malicious unauthorised device controlled by the hackers, who then use control of the victim’s mobile phone number to obtain unauthorised access to accounts held by the victim registered to their mobile phone numbers.

Twitter said it improved the social media platform’s cybersecurity controls following the cyberattack.

In addition to the prison term, Mr O’Connor has been sentenced to three years of supervised release and further ordered to pay about $794,000 in forfeiture.