A British man has pleaded guilty in the United States to carrying out the infamous 2020 hack of the Twitter accounts of well known public figures.
The US Department of Justice (DoJ) announced that Joseph James O’Connor (otherwise known as PlugwalkJoe), aged 23, had been extradited from Spain on 26 April.
That came after Spain’s National Court had agreed in February to the extradition of O’Connor, after he was accused of involvement in the 2020 hack in which the Twitter accounts of prominent figures were simultaneously hijacked and used to promote a cryptocurrency scam that promised to double their money.
Celebrities hacked
Joseph James O’Connor, from Liverpool, had been arrested in July 2021 in the southern Spanish city of Estepona.
The Spanish court earlier this year said the US was in a better position to prosecute him because the evidence in the investigation had been obtained there as well as the damage caused.
It rejected the argument from O’Connor’s attorney that he should be tried in Spain as the servers he used were based there.
The July 2020 hack had affected the Twitter accounts of public figures including then-presidential candidate Joe Biden and Elon Musk (who now owns Twitter), as well as former president Barack Obama, Kim Kardashian, Bill Gates, Warren Buffett, Benjamin Netanyahu, Jeff Bezos and Kanye West, among others.
US authorities had listed14 charges against O’Connor, including allegations of membership of a criminal gang, illegal access to computer systems, internet fraud, money laundering and extortion.
Spain’s National Court had said in February that O’Connor was also suspected of hacking the Snapchat account of an unnamed public figure and threatening to publish naked pictures of the person unless given financial compensation.
Guilty plea
Now the US DoJ said on Tuesday that Joseph James O’Connor has pleaded guilty in New York to his role in cyberstalking and multiple schemes that involve computer hacking, including the July 2020 hack of Twitter.
“O’Connor’s criminal activities were flagrant and malicious, and his conduct impacted multiple people’s lives,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “He harassed, threatened, and extorted his victims, causing substantial emotional harm.
“Like many criminal actors, O’Connor tried to stay anonymous by using a computer to hide behind stealth accounts and aliases from outside the United States,” said Polite. “But this plea shows that our investigators and prosecutors will identify, locate, and bring to justice such criminals to ensure they face the consequences for their crimes.”
“O’Connor used his sophisticated technological abilities for malicious purposes – conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim,” added US Attorney Damian Williams for the Southern District of New York.
“O’Connor’s guilty plea today is a testament to the importance of law enforcement co-operation, and I thank our law enforcement partners for helping to bring to justice those who victimise others through cyber-attacks,” said Williams.
Other arrests
O’Connor had been facing a slew of charges in the US, including computer intrusion, extortion, stalking, wire fraud and money laundering.
The most serious of the charges could result in up to 20 years in prison, and O’Connor is scheduled to be sentenced on 23 June.
It should be noted that O’Connor is not the only person arrested over the 2020 Twitter hack.
In July 2021, Florida teenager Graham Ivan Clark, the alleged mastermind of the hacking group, was sentenced to three years in juvenile prison under a plea agreement.
However Clark was only 17 when he was charged, and therefore he was sentenced to the maximum allowed under Florida’s Youthful Offender Act.
In August 2020 police in the UK had also arrested a man living in Bognor Regis, on the south coast.