Hacker of Barack Obama’s Twitter account ordered to pay $5.4 million in Bitcoin
- British hacker Joseph James O’Connor has been ordered to repay $5.4 million in Bitcoin for his role in the 2020 Twitter hack, in which accounts of Barack Obama, Joe Biden and Elon Musk were hacked.
- The British had confiscated 42 Bitcoins and other crypto assets at the time, in time enough for O’Connor not to benefit from the coup.
Joseph James O’Connor, 26, alias PlugwalkJoe, became sentenced because he was a key figure in the infamous Twitter hack in 2020, in which the accounts of prominent figures such as former US President Barack Obama, his vice president Joe Biden, Elon Musk, Bill Gates, Warren Buffett and Kim Kardashian were hacked.
In 2023, O’Connor pleaded guilty in a US court and was sentenced to five years in prison. The court found it proven that in July 2020 he had used Twitter accounts of high-ranking personalities and companies to promote fraudulent cryptocurrency programs.
$5.4 million seized
On Monday, British prosecutors announced they had obtained a civil confiscation order. This now enables the authorities to confiscate 42 Bitcoin and other cryptocurrencies in connection with the fraud. The assets, worth about 4.1 million pounds ($5.40 million), will be liquidated by a court-appointed trustee to ensure O’Connor cannot benefit from the fraud.
Senior prosecutor Adrian Foster stressed that the ruling shows the UK’s commitment to recovering the proceeds of crime, even when convictions occur abroad:
“We have been able to use all the powers at our disposal to ensure that even if someone is convicted outside of the UK, we are able to ensure they do not profit from their crime.”
O’Connor was initially arrested in Spain in 2021 after Spanish authorities reviewing an extradition request concluded that the U.S. was best placed to prosecute the case given the residences of the two victims and the bulk of the evidence.
After his extradition, U.S. prosecutors revealed that O’Connor and his co-conspirators used social engineering techniques to gain unauthorized access to X’s internal tools, allowing them to take over dozens of accounts within minutes.
Confidential information obtained through social engineering
The success of Twitter’s 2020 breach was not based on sophisticated code exploits, but rather on social engineering, a technique in which hackers trick people into revealing sensitive information. O’Connor and his co-conspirators reportedly used a telephone spear phishing attack against a small number of Twitter employees.
They posed as IT employees and took advantage of the fact that employees were working from home to trick them into entering their login details on a fake website.
This human element was the ultimate vulnerability, allowing attackers to bypass security features like two-factor authentication and gain access to Twitter’s powerful internal management tools. There they were able to reset the passwords of all accounts, allowing the high-profile Bitcoin scam to begin almost immediately.
No Comments