New York: A British citizen who was extradited to the United States last month has entered a guilty plea for involvement in one of the most significant hacks in the history of social media.
The Twitter hack that occurred in July 2020 had a wide impact, affecting more than 130 accounts, including those belonging to prominent individuals such as Barack Obama and Joe Biden.
Joseph James O'Connor, also known as PlugwalkJoe, who is 23 years old, has pleaded guilty to charges related to the hack. The charges carry a maximum sentence of over 70 years in prison.
The hacking incident was carried out as part of a large-scale Bitcoin scam.
Having been extradited from Spain, O'Connor orchestrated the hijacking of numerous Twitter accounts and disseminated tweets urging followers to send Bitcoin to a specific account with the promise of doubling their funds.
O'Connor faced charges alongside three other individuals in relation to the scam. In 2021, American teenager Graham Ivan Clark pleaded guilty, while Nima Fazeli from Orlando, Florida, and Mason Sheppard from Bognor Regis in the UK were charged with federal offenses.
In a statement, US Assistant Attorney-General Kenneth Polite Jr described O'Connor's actions as "blatant and malevolent," highlighting that he had subjected his victims to harassment, threats, and extortion, causing significant emotional harm.
Similar to numerous criminals, O'Connor attempted to maintain anonymity by utilizing a computer and creating hidden accounts and aliases from outside the United States.
However, this guilty plea demonstrates that our investigators and prosecutors are determined to identify, track down, and hold such criminals accountable for their actions, ensuring they face the appropriate consequences for their crimes.
In 2020, around 350 million Twitter users were exposed to dubious tweets originating from verified accounts of some of the platform's most prominent users. Consequently, thousands of individuals were deceived by a cryptocurrency giveaway scam, believing it to be authentic.
According to cybersecurity experts, the ramifications of the Twitter hack could have been significantly more severe had O'Connor and other hackers devised more sophisticated plans beyond a mere get-rich-quick scheme.
The potential consequences could have included the dissemination of disinformation aimed at manipulating political discourse, or the manipulation of markets through well-crafted fake business announcements.
The hack exposed the vulnerability of Twitter's security infrastructure at that time. The attackers employed a social engineering tactic, contacting a small number of Twitter employees and successfully persuading them, using a plausible narrative, to disclose their internal login credentials. This granted the hackers access to Twitter's robust administrative tools.
In essence, the hackers employed social engineering techniques reminiscent of con artists rather than those typically employed by sophisticated cybercriminals to gain entry to the site's powerful internal control panel.
The Twitter hack remains a deeply embarrassing incident in the troubled history of the platform, a stain that continues to linger.
However, O'Connor's admission of guilt did not come as a surprise, considering the abundance of evidence available to the public. The hackers made several critical errors or were excessively vocal in their celebrations following the hack, leading to the exposure of their actions.
In addition to his involvement in the Twitter hack, O'Connor pleaded guilty to other hacking offenses, which included unauthorized access to a prominent TikTok account.