In the world of cybersecurity, notorious British hacker Joseph O’Connor, better known by his online alias PlugwalkJoe, has been sentenced to a five-year term in a US prison.O’Connor’s punishment relates to a complex scheme that resulted in the theft of $794,000 worth of cryptocurrency via a sophisticated SIM swap attack on a crypto exchange executive in April 2019.
This verdict, which serves as a stark warning to the cybercrime community, was announced in a statement released by the U.S. Attorney’s Office for the Southern District of New York on June 23.
O’Connor, initially arrested in Spain in July 2021, was extradited to the United States in late April 2023. He pled guilty to an array of charges, including conspiracy to commit computer intrusions, wire fraud, and money laundering, among others, in May.
O’Connor didn’t stop at the crypto theft. He and his accomplices laundered the stolen assets through numerous transactions, converting some of it to Bitcoin through cryptocurrency exchange services. Part of the illicitly obtained digital currency even found its way into an exchange account under O’Connor’s control.
The saga does not end there. His sentence also encompasses his involvement in the July 2020 Twitter hack, which netted O’Connor and his crew roughly $120,000 in ill-gotten crypto gains. Through “social engineering techniques” and SIM-swapping attacks, they managed to hijack approximately 130 notable Twitter accounts, in addition to major TikTok and Snapchat accounts.
O’Connor also exploited his power over these accounts to further his malevolent intents. In certain cases, he and his co-conspirators used hijacked accounts to deceive Twitter users. In one instance, he blackmailed a Snapchat user into endorsing his online persona under the threat of revealing their private messages.
SIM swapping, a tactic employed by O’Connor, involves bad actors seizing control of a victim’s phone number, consequently gaining access to any accounts employing SMS-based two-factor authentication. Regrettably, despite O’Connor’s conviction, SIM swapping remains a pressing concern in the crypto industry, underscoring the need for more robust security measures.