British hacker Joseph O’Connor, also known as PlugwalkJoe, has pleaded guilty to his role in the 2020 Twitter hack, facing a potential prison sentence of over 70 years.
Joseph James O’Connor, a 23-year-old British citizen known on the internet as PlugwalkJoe, has admitted guilt in New York for participating in the massive July 2020 Twitter hack, one of the most extensive social media cyberattacks ever. O’Connor could face a maximum prison sentence of more than 70 years for the hacking offences. The attack impacted over 130 prominent accounts, including former US President Obama and President Joe Biden.
The cyber-attack was part of a massive Bitcoin scam in which O’Connor and his accomplices hijacked numerous Twitter accounts, sending out tweets asking followers to send Bitcoin to a specific account with the promise of doubling their money. The hack exposed the fragility of Twitter’s security at the time, as the attackers managed to gain access to the platform’s powerful administrative tools through social engineering tricks and to convince a small number of Twitter employees to hand over their internal login details.
Hailing from Liverpool, O’Connor was extradited last month from Spain to the United States. Along with O’Connor, three other individuals were implicated in the scam: American teenager Graham Ivan Clark, who entered a guilty plea in 2021, Nima Fazeli from Orlando, Florida, and Mason Sheppard of Bognor Regis in the UK, were also charged with federal crimes.
U.S. Assistant Attorney General Kenneth Polite Jr. described O’Connor’s actions as blatantly malicious, highlighting that he had caused significant emotional distress by harassing, threatening, and extorting his victims. Polite Jr. continued, stating that while O’Connor attempted to remain anonymous by utilizing a computer to conceal his identity through covert accounts and aliases beyond U.S. borders, this guilty plea demonstrates the dedication of investigators and prosecutors to track down and bring such criminals to justice, ensuring they are held accountable for their actions.
In 2020, around 350 million Twitter users were exposed to dubious tweets from some of the platform’s most influential accounts. The scam deceived countless individuals, convinced that the cryptocurrency giveaway was genuine. Cybersecurity experts now concur that the fallout from the Twitter hack might have been considerably more severe if O’Connor and his associates had devised more intricate schemes than merely attempting to make money quickly. The hackers could have used their access to disseminate disinformation, sway political discussions, or even manipulate financial markets with fabricated business announcements.
O’Connor’s guilty plea has not come as a surprise, as there was already substantial evidence against him in the public domain. The 2020 Twitter hack has been a significant embarrassment for the social media giant, revealing the vulnerabilities in its security systems. As a result, Twitter has taken steps to improve its security measures to prevent similar attacks in the future. The hackers made several mistakes and were too vocal in celebrating their success in the immediate aftermath of the hack, providing authorities with big leads to track them down.
In addition to the Twitter hack, O’Connor pleaded guilty to other hacking crimes, including gaining unauthorized access to a high-profile TikTok account. He posted a video to that account in which his voice is recognizable. He also threatened to release “sensitive, personal material” related to the account’s owner to individuals who joined a Discord group.
The US Department of Justice further revealed that O’Connor had used technology to stalk a minor. This pattern of behaviour demonstrates a history of criminal activity and highlights the importance of law enforcement agencies working together to identify and apprehend international cyber criminals. O’Connor’s case is a stark reminder of the potential damage that cybercriminals can inflict, particularly when they exploit weaknesses in widely-used platforms such as Twitter. It also underscores the need for individuals and organizations to protect their online accounts and information from potential cyber threats.
As O’Connor awaits sentencing, the outcome of his case will likely serve as a deterrent for other would-be hackers, illustrating the severe consequences they may face if they choose to engage in similar activities. Meanwhile, social media platforms and other online services must strengthen security measures, adapt to the ever-evolving threat landscape, and work closely with law enforcement agencies to combat cybercrime.