Joseph James O’Connor, 24 (aka PlugwalkJoe), a U.K. citizen who participated in the massive July 2020 Twitter hack, received a five-year prison sentence on Friday in the Southern District of New York, a little over a month after pleading guilty to the criminal schemes. In Spain, he was detained in July 2021.
The defendant and his co-conspirators were able to gain unauthorized access to Twitter’s backend tools thanks to the infamous Twitter breach, which they then used to hijack 130 popular Twitter accounts and carry out a crypto scam that cost them approximately $120,000 in illegal profits.
According to the U.S. Department of Justice (DoJ), “in other instances, the co-conspirators sold access to Twitter accounts to others.” O’Connor discussed with others the possibility of purchasing unauthorized access to numerous Twitter accounts, including those of global public figures.
In addition, the defendant is accused of orchestrating SIM swapping attacks in order to take control of users’ Snapchat and TikTok accounts. In one instance, the attacks even targeted a New York-based cryptocurrency company in order to steal crypto that was worth approximately $794,000 at the time.
The Department of Justice stated, “O’Connor and his co-conspirators laundered the Stolen Cryptocurrency through dozens of transfers and transactions and exchanged some of it for Bitcoin using cryptocurrency exchange services after stealing and fraudulently diverting the Stolen Cryptocurrency.”
“In the end, O’Connor controlled a cryptocurrency exchange account with a portion of the stolen cryptocurrency.”
In addition, O’Connor is accused of cyberstalking two victims, one of whom was a minor, in June and July 2020 by falsely claiming that the victim was threatening to shoot people in an effort to provoke a response from law enforcement.
According to TechCrunch, O’Connor, who claimed that his crimes were “stupid and pointless,” faces three years of supervised release following his release from prison. Additionally, he must forfeit $794,000.