Advertisement
Engadget has been testing and reviewing consumer tech since 2004. Our stories may include affiliate links; if you buy something through a link, we may earn a commission. Read more about how we evaluate products.

UK citizen pleads guilty to 2020 Twitter hack and other cybercrimes

Joseph James O'Connor also allegedly stole $794,000 worth of cryptocurrency.

Jon Nazca / reuters

Joseph James O'Connor has pleaded guilty to playing a role in various cybercrime activities, including the July 2020 hack that took over hundreds of high-profile Twitter accounts. O'Connor, who's known by the name PlugwalkJoe online, was originally from Liverpool, but he was extradited from Spain to the US in April. If you'll recall, the perpetrators of the 2020 Twitter hack hijacked accounts owned by popular personalities, including Bill Gates, Barack Obama and Elon Musk, and promoted crypto scams under their names. In 2021, Graham Ivan Clark, the supposed teenage mastermind behind the breach, pleaded guilty in return for a three-year prison sentence.

According to the Justice Department, O'Connor communicated with his co-conspirators in that Twitter breach regarding purchasing unauthorized access to Twitter accounts. He allegedly purchased access to at least one Twitter account himself for $10,000. In addition, he was also apparently involved in the hack of a TikTok account with millions of followers, as well as a Snapchat account, via SIM swapping. In both cases, O'Connor and his co-conspirators stole sensitive personal information from the victims and then threatened to release them to the public. While the DOJ didn't identify victims in those cases, The Guardian says they were named in press reports as TikTok star Addison Rae and actor Bella Thorne.

From March 2019 until May 2019, O'Connor was also allegedly involved in the infiltration of a Manhattan-based crypto company to steal $794,000 worth of cryptocurrency. They used SIM swapping to target three of the company's executives and successfully pulled it off with one of them. Using the compromised executive's credentials, they were able to gain unauthorized access to the company's accounts and computer systems. They then laundered the stolen cryptocurrency by transferring them multiple times and using crypto exchanges.

O'Connor has pleaded guilty to a lengthy list of charges, including conspiracy to commit wire fraud and conspiracy to commit money laundering, both of which carry a maximum penalty of 20 years in prison. He is now scheduled for sentencing on June 23rd.