SoatDev IT Consulting
SoatDev IT Consulting
  • About us
  • Expertise
  • Services
  • How it works
  • Contact Us
  • News
  • June 23, 2023
  • Rss Fetcher

Three years after one of the most visible hacks in recent history played out in real-time in front of millions of Twitter users, one of the hackers responsible for the breach will now serve time in federal prison.

Joseph James O’Connor, 24, was sentenced Friday in a New York federal court to five years in prison after pleading guilty in May to four counts of computer hacking, wire fraud and cyberstalking. O’Connor also agreed to forfeit at least $794,000 to the victims of his crimes.

O’Connor, a U.K. citizen, was extradited from Spain at the request of U.S. prosecutors earlier this year and has remained in custody since.

In the hearing, Judge Jed S. Rakoff said O’Connor will likely serve about half of his sentence after spending more than two years in pre-trial custody.

O’Connor faced a maximum of 77 years in prison, according to Reuters. Justice Department prosecutors called for O’Connor to serve at least seven years in prison.

In court, O’Connor said his crimes were “stupid and pointless,” apologized to his victims, and asked the judge for leniency.

According to prosecutors, O’Connor “used his sophisticated technological abilities for malicious purposes — conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim.”

The government said O’Connor, known by his online handle PlugWalkJoe, was part of a group that broke into dozens of high-profile Twitter accounts, including Apple, Binance, Bill Gates, Joe Biden and Elon Musk, to spread cryptocurrency get-rich-quick scams in July 2020.

O’Connor used phone-based social engineering techniques to trick Twitter employees into granting the group of hackers access to Twitter’s network. One of the other hackers convicted of the Twitter breach, Graham Ivan Clark, also known as Kirk, used the access to Twitter’s network to abuse an internal admin tool to hijack and reassign Twitter user accounts.

A screenshot of the Twitter admin panel that the hackers breached in order to reassign access to Twitter user accounts.

A screenshot of the Twitter admin panel that the hackers breached in order to reassign access to Twitter user accounts. Image Credits: TechCrunch (supplied)

Twitter temporarily blocked users from posting to the site as it grappled with the intrusion, as millions of users watched in real time as their timelines flooded with cryptocurrency scams from some of the most recognizable names on the planet.

A subsequent investigation by New York’s Department of Financial Services, which accused Twitter of inadequate cybersecurity protections, found that the hackers broke in by “calling Twitter employees and claiming to be from Twitter’s IT department,” then hijacked the Twitter accounts of politicians, celebrities, and entrepreneurs to tweet “double your bitcoin” scams.

The scam netted about $120,000, according to public blockchain records.

Several screenshots showing the tweets that were published during the Twitter 2020 hack

Several of the tweets that were published during the 2020 Twitter hack. Image Credits: TechCrunch

The breach prompted Twitter to improve its cybersecurity controls, introducing hardware security keys for its employees to prevent future phishing attempts.

Two years on from the hack, more explosive allegations about the breach came to light.

Peiter “Mudge” Zatko, who was hired as Twitter’s head of security months after the breach, later described the hackers’ access as achieving “god mode,” which allowed them to imposter-tweet from any account they wanted. Zatko called the incident “the largest hack of a social media platform in history” in a whistleblower complaint filed with federal regulators in 2022, in which Zatko accused his former employer of cybersecurity failings.

Twitter auto-replied with a poop emoji in response to an emailed request for comment, as it has done since a short time after Elon Musk acquired the company.

A hacker used Twitter’s own ‘admin’ tool to spread cryptocurrency scam

Hacker responsible for 2020 Twitter breach sentenced to prison by Zack Whittaker originally published on TechCrunch

Previous Post
Next Post

Recent Posts

  • Naukri exposed recruiter email addresses, researcher says
  • Khosla Ventures among VCs experimenting with AI-infused roll-ups of mature companies
  • Presidential seals, ‘light vetting,’ $100,000 gem-encrusted watches, and a Marriott afterparty
  • Zoox issues second robotaxi software recall in a month following collision 
  • Landa promised real estate investing for $5. Now it’s gone dark.

Categories

  • Industry News
  • Programming
  • RSS Fetched Articles
  • Uncategorized

Archives

  • May 2025
  • April 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023

Tap into the power of Microservices, MVC Architecture, Cloud, Containers, UML, and Scrum methodologies to bolster your project planning, execution, and application development processes.

Solutions

  • IT Consultation
  • Agile Transformation
  • Software Development
  • DevOps & CI/CD

Regions Covered

  • Montreal
  • New York
  • Paris
  • Mauritius
  • Abidjan
  • Dakar

Subscribe to Newsletter

Join our monthly newsletter subscribers to get the latest news and insights.

© Copyright 2023. All Rights Reserved by Soatdev IT Consulting Inc.