British hacker who hijacked Obama and Musk Twitter accounts to send fraudulent messages sentenced to prison

Phishing scams involving various cryptocurrencies are an all too frequent occurrence on Twitter, such as deceptive links that promise an automatic return of 0.3BTC for a transfer of 0.1BTC. These links often materialize under cryptocurrency-related accounts, invariably leading to a considerable number of users falling prey to such ploys.

In a cunning twist of events, these fraudsters have upped the ante, with some seizing verified Twitter accounts, altering the account names, and posing as famous figures — Elon Musk, to be precise, to circulate these duplicitous links.

The U.S. Department of Justice recently disclosed a new judgment involving a hacker from the United Kingdom who, in July 2020, partook in a major Twitter hijacking incident, subsequently being extradited to the United States and sentenced to a five-year prison term.

Several of the tweets that were published during the 2020 Twitter hack. Image Credits: TechCrunch

This British hacker, who commandeered the Twitter accounts of Obama and Musk to disseminate fraudulent messages, was extradited to the U.S. and imprisoned for five years. The hijacking of these accounts and the dissemination of phishing links resulted in profits of $120,000.

The culprit, 24-year-old Joseph James O’Connor, known online as PlugwalkJoe, along with his accomplices, gained access to Twitter’s backend servers on July 15, 2020.

Upon obtaining server access, O’Connor and his associates hijacked as many as 130 prominent Twitter accounts, including those of former U.S. President Barack Obama, Microsoft founder Bill Gates, and Elon Musk. These accounts were then used to broadcast cryptocurrency phishing links, swindling $120,000 worth of cryptocurrencies within mere hours.

However, O’Connor and his team lacked the expertise to access Twitter’s servers. As he revealed, they had purchased this access for $10,000 from another group of hackers who had obtained these privileges by phishing Twitter employees using social engineering techniques.

By the end of July 2020, O’Connor’s associates Nima Fazeli and Graham Ivan Clark were swiftly traced and arrested by law enforcement agencies. Graham Ivan Clark pleaded guilty to 30 serious charges in March 2021 and was eventually sentenced to three years in prison.

O’Connor, a British citizen, was arrested in Spain in July 2021, and later extradited to face trial in a U.S. court, which recently sentenced him to five years of incarceration.

This small gang, comprising four individuals, one of whom remains at large, engaged in far more cyberattacks than merely the Twitter one. They also launched SIM card swapping attacks in an attempt to seize control of certain Snapchat and TikTok accounts, as well as orchestrating an attack on a New York cryptocurrency firm, pilfering $794,000 worth of cryptocurrencies.

During the trial, O’Connor described his crimes as foolish and meaningless. Following his five-year sentence, he will be subjected to three years of supervised release. The court also confiscated the illegally obtained $794,000.